Refactored all controller mini tests and migrated them to rspec request specs
This commit is contained in:
parent
769fb19064
commit
29b616d61d
62 changed files with 8566 additions and 13319 deletions
|
@ -78,7 +78,6 @@ test:unit:mysql:
|
|||
- rake db:migrate
|
||||
- rake db:seed
|
||||
- rake test:units
|
||||
- rake test:controllers
|
||||
- ruby -I test/ test/integration/object_manager_test.rb
|
||||
- ruby -I test/ test/integration/object_manager_attributes_controller_test.rb
|
||||
- ruby -I test/ test/integration/package_test.rb
|
||||
|
@ -96,7 +95,6 @@ test:unit:postgresql:
|
|||
- rake db:migrate
|
||||
- rake db:seed
|
||||
- rake test:units
|
||||
- rake test:controllers
|
||||
- ruby -I test/ test/integration/object_manager_test.rb
|
||||
- ruby -I test/ test/integration/object_manager_attributes_controller_test.rb
|
||||
- ruby -I test/ test/integration/package_test.rb
|
||||
|
@ -242,11 +240,8 @@ test:integration:es_mysql:
|
|||
- rake db:migrate
|
||||
- ruby -I test/ test/integration/elasticsearch_active_test.rb
|
||||
- ruby -I test/ test/integration/elasticsearch_test.rb
|
||||
- ruby -I test/ test/controllers/search_controller_test.rb
|
||||
- ruby -I test/ test/integration/report_test.rb
|
||||
- ruby -I test/ test/controllers/form_controller_test.rb
|
||||
- ruby -I test/ test/controllers/users_controller_test.rb
|
||||
- ruby -I test/ test/controllers/organizations_controller_test.rb
|
||||
- bundle exec rspec --tag searchindex
|
||||
- rake db:drop
|
||||
|
||||
test:integration:es_postgresql:
|
||||
|
@ -262,11 +257,8 @@ test:integration:es_postgresql:
|
|||
- rake db:migrate
|
||||
- ruby -I test/ test/integration/elasticsearch_active_test.rb
|
||||
- ruby -I test/ test/integration/elasticsearch_test.rb
|
||||
- ruby -I test/ test/controllers/search_controller_test.rb
|
||||
- ruby -I test/ test/integration/report_test.rb
|
||||
- ruby -I test/ test/controllers/form_controller_test.rb
|
||||
- ruby -I test/ test/controllers/users_controller_test.rb
|
||||
- ruby -I test/ test/controllers/organizations_controller_test.rb
|
||||
- bundle exec rspec --tag searchindex
|
||||
- rake db:drop
|
||||
|
||||
test:integration:zendesk_mysql:
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
FactoryBot.define do
|
||||
factory :email_address do
|
||||
email 'zammad@localhost'
|
||||
realname 'zammad'
|
||||
sequence(:email) { |n| "zammad#{n}@localhost.com" }
|
||||
sequence(:realname) { |n| "zammad#{n}" }
|
||||
channel_id 1
|
||||
created_by_id 1
|
||||
updated_by_id 1
|
||||
|
|
10
spec/factories/ticket/time_accounting.rb
Normal file
10
spec/factories/ticket/time_accounting.rb
Normal file
|
@ -0,0 +1,10 @@
|
|||
FactoryBot.define do
|
||||
factory :ticket_time_accounting, class: Ticket::TimeAccounting do
|
||||
ticket_id { FactoryBot.create(:ticket).id }
|
||||
ticket_article_id { FactoryBot.create(:ticket_article).id }
|
||||
time_unit 200
|
||||
created_by_id 1
|
||||
created_at Time.zone.now
|
||||
updated_at Time.zone.now
|
||||
end
|
||||
end
|
164
spec/requests/api_auth_on_behalf_of_spec.rb
Normal file
164
spec/requests/api_auth_on_behalf_of_spec.rb
Normal file
|
@ -0,0 +1,164 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Api Auth On Behalf Of', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user, groups: Group.all)
|
||||
end
|
||||
let(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does X-On-Behalf-Of auth - ticket create admin for customer by id' do
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
authenticated_as(admin_user, on_behalf_of: customer_user.id)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(customer_user.id).to eq(json_response['created_by_id'])
|
||||
end
|
||||
|
||||
it 'does X-On-Behalf-Of auth - ticket create admin for customer by login' do
|
||||
ActivityStream.cleanup(1.year)
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
authenticated_as(admin_user, on_behalf_of: customer_user.login)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
json_response_ticket = json_response
|
||||
expect(json_response_ticket).to be_a_kind_of(Hash)
|
||||
expect(customer_user.id).to eq(json_response_ticket['created_by_id'])
|
||||
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/activity_stream?full=true', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
json_response_activity = json_response
|
||||
expect(json_response_activity).to be_a_kind_of(Hash)
|
||||
|
||||
ticket_created = nil
|
||||
json_response_activity['record_ids'].each do |record_id|
|
||||
activity_stream = ActivityStream.find(record_id)
|
||||
next if activity_stream.object.name != 'Ticket'
|
||||
next if activity_stream.o_id != json_response_ticket['id'].to_i
|
||||
ticket_created = activity_stream
|
||||
end
|
||||
|
||||
expect(ticket_created).to be_truthy
|
||||
expect(customer_user.id).to eq(ticket_created.created_by_id)
|
||||
|
||||
get '/api/v1/activity_stream', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
json_response_activity = json_response
|
||||
expect(json_response_activity).to be_a_kind_of(Array)
|
||||
|
||||
ticket_created = nil
|
||||
json_response_activity.each do |record|
|
||||
activity_stream = ActivityStream.find(record['id'])
|
||||
next if activity_stream.object.name != 'Ticket'
|
||||
next if activity_stream.o_id != json_response_ticket['id']
|
||||
ticket_created = activity_stream
|
||||
end
|
||||
|
||||
expect(ticket_created).to be_truthy
|
||||
expect(customer_user.id).to eq(ticket_created.created_by_id)
|
||||
end
|
||||
|
||||
it 'does X-On-Behalf-Of auth - ticket create admin for customer by email' do
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
authenticated_as(admin_user, on_behalf_of: customer_user.email)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(customer_user.id).to eq(json_response['created_by_id'])
|
||||
end
|
||||
|
||||
it 'does X-On-Behalf-Of auth - ticket create admin for unknown' do
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
authenticated_as(admin_user, on_behalf_of: 99_449_494_949)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(@response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq("No such user '99449494949'")
|
||||
end
|
||||
|
||||
it 'does X-On-Behalf-Of auth - ticket create customer for admin' do
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
authenticated_as(customer_user, on_behalf_of: admin_user.email)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(@response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq("Current user has no permission to use 'X-On-Behalf-Of'!")
|
||||
end
|
||||
|
||||
it 'does X-On-Behalf-Of auth - ticket create admin for customer by email but no permitted action' do
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'secret1234',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
authenticated_as(admin_user, on_behalf_of: customer_user.email)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(422)
|
||||
expect(@response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('No lookup value found for \'group\': "secret1234"')
|
||||
end
|
||||
end
|
||||
end
|
383
spec/requests/api_auth_spec.rb
Normal file
383
spec/requests/api_auth_spec.rb
Normal file
|
@ -0,0 +1,383 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Api Auth', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
let(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does basic auth - admin' do
|
||||
|
||||
Setting.set('api_password_access', false)
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('API password access disabled!')
|
||||
|
||||
Setting.set('api_password_access', true)
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.header['Access-Control-Allow-Origin']).to eq('*')
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
end
|
||||
|
||||
it 'does basic auth - agent' do
|
||||
|
||||
Setting.set('api_password_access', false)
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('API password access disabled!')
|
||||
|
||||
Setting.set('api_password_access', true)
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.header['Access-Control-Allow-Origin']).to eq('*')
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
end
|
||||
|
||||
it 'does basic auth - customer' do
|
||||
|
||||
Setting.set('api_password_access', false)
|
||||
authenticated_as(customer_user)
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('API password access disabled!')
|
||||
|
||||
Setting.set('api_password_access', true)
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.header['Access-Control-Allow-Origin']).to eq('*')
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
end
|
||||
|
||||
it 'does token auth - admin' do
|
||||
|
||||
admin_token = create(
|
||||
:token,
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: admin_user.id,
|
||||
preferences: {
|
||||
permission: ['admin.session'],
|
||||
},
|
||||
)
|
||||
|
||||
authenticated_as(admin_user, token: admin_token)
|
||||
|
||||
Setting.set('api_token_access', false)
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('API token access disabled!')
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.header['Access-Control-Allow-Origin']).to eq('*')
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
admin_token.preferences[:permission] = ['admin.session_not_existing']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized (token)!')
|
||||
|
||||
admin_token.preferences[:permission] = []
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized (token)!')
|
||||
|
||||
admin_user.active = false
|
||||
admin_user.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('User is inactive!')
|
||||
|
||||
admin_token.preferences[:permission] = ['admin.session']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('User is inactive!')
|
||||
|
||||
admin_user.active = true
|
||||
admin_user.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
get '/api/v1/roles', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized (token)!')
|
||||
|
||||
admin_token.preferences[:permission] = ['admin.session_not_existing', 'admin.role']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/roles', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
admin_token.preferences[:permission] = ['ticket.agent']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq(name)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
name = "some org name #{rand(999_999_999)} - 2"
|
||||
put "/api/v1/organizations/#{json_response['id']}", params: { name: name }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq(name)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
admin_token.preferences[:permission] = ['admin.organization']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq(name)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
name = "some org name #{rand(999_999_999)} - 2"
|
||||
put "/api/v1/organizations/#{json_response['id']}", params: { name: name }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq(name)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
admin_token.preferences[:permission] = ['admin']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq(name)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
name = "some org name #{rand(999_999_999)} - 2"
|
||||
put "/api/v1/organizations/#{json_response['id']}", params: { name: name }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq(name)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
end
|
||||
|
||||
it 'does token auth - agent' do
|
||||
|
||||
agent_token = create(
|
||||
:token,
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: agent_user.id,
|
||||
)
|
||||
|
||||
authenticated_as(agent_user, token: agent_token)
|
||||
|
||||
Setting.set('api_token_access', false)
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('API token access disabled!')
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.header['Access-Control-Allow-Origin']).to eq('*')
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
|
||||
end
|
||||
|
||||
it 'does token auth - customer' do
|
||||
|
||||
customer_token = create(
|
||||
:token,
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: customer_user.id,
|
||||
)
|
||||
|
||||
authenticated_as(customer_user, token: customer_token)
|
||||
|
||||
Setting.set('api_token_access', false)
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('API token access disabled!')
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response.header['Access-Control-Allow-Origin']).to eq('*')
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
end
|
||||
|
||||
it 'does token auth - invalid user - admin' do
|
||||
|
||||
admin_token = create(
|
||||
:token,
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: admin_user.id,
|
||||
)
|
||||
|
||||
authenticated_as(admin_user, token: admin_token)
|
||||
|
||||
admin_user.active = false
|
||||
admin_user.save!
|
||||
|
||||
Setting.set('api_token_access', false)
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('API token access disabled!')
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
get '/api/v1/sessions', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('User is inactive!')
|
||||
end
|
||||
|
||||
it 'does token auth - expired' do
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
|
||||
admin_token = create(
|
||||
:token,
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: admin_user.id,
|
||||
expires_at: Time.zone.today
|
||||
)
|
||||
|
||||
authenticated_as(admin_user, token: admin_token)
|
||||
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized (token expired)!')
|
||||
|
||||
admin_token.reload
|
||||
expect(admin_token.last_used_at).to be_within(1.second).of(Time.zone.now)
|
||||
end
|
||||
|
||||
it 'does token auth - not expired' do
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
|
||||
admin_token = create(
|
||||
:token,
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: admin_user.id,
|
||||
expires_at: Time.zone.tomorrow
|
||||
)
|
||||
|
||||
authenticated_as(admin_user, token: admin_token)
|
||||
|
||||
get '/api/v1/tickets', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.header['Access-Control-Allow-Origin']).to eq('*')
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
|
||||
admin_token.reload
|
||||
expect(admin_token.last_used_at).to be_within(1.second).of(Time.zone.now)
|
||||
end
|
||||
|
||||
it 'does session auth - admin' do
|
||||
create(:admin_user, login: 'api-admin@example.com', password: 'adminpw')
|
||||
|
||||
post '/api/v1/signin', params: { username: 'api-admin@example.com', password: 'adminpw', fingerprint: '123456789' }
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(response).to have_http_status(201)
|
||||
|
||||
get '/api/v1/sessions', params: {}
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response.header.key?('Access-Control-Allow-Origin')).to be_falsey
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
end
|
||||
end
|
||||
end
|
112
spec/requests/basic_spec.rb
Normal file
112
spec/requests/basic_spec.rb
Normal file
|
@ -0,0 +1,112 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Basics', type: :request do
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does json requests' do
|
||||
|
||||
# 404
|
||||
get '/not_existing_url', as: :json
|
||||
expect(response).to have_http_status(404)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('No route matches [GET] /not_existing_url')
|
||||
|
||||
# 401
|
||||
get '/api/v1/organizations', as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
|
||||
# 422
|
||||
get '/tests/unprocessable_entity', as: :json
|
||||
expect(response).to have_http_status(422)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('some error message')
|
||||
|
||||
# 401
|
||||
get '/tests/not_authorized', as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('some error message')
|
||||
|
||||
# 401
|
||||
get '/tests/ar_not_found', as: :json
|
||||
expect(response).to have_http_status(404)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('some error message')
|
||||
|
||||
# 500
|
||||
get '/tests/standard_error', as: :json
|
||||
expect(response).to have_http_status(500)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('some error message')
|
||||
|
||||
# 422
|
||||
get '/tests/argument_error', as: :json
|
||||
expect(response).to have_http_status(422)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('some error message')
|
||||
end
|
||||
|
||||
it 'does html requests' do
|
||||
|
||||
# 404
|
||||
get '/not_existing_url'
|
||||
expect(response).to have_http_status(404)
|
||||
expect(response.body).to match(/<html/)
|
||||
expect(response.body).to match(%r{<title>404: Not Found</title>})
|
||||
expect(response.body).to match(%r{<h1>404: Requested Ressource was not found.</h1>})
|
||||
expect(response.body).to match(%r{No route matches \[GET\] /not_existing_url})
|
||||
|
||||
# 401
|
||||
get '/api/v1/organizations'
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.body).to match(/<html/)
|
||||
expect(response.body).to match(%r{<title>401: Unauthorized</title>})
|
||||
expect(response.body).to match(%r{<h1>401: Unauthorized</h1>})
|
||||
expect(response.body).to match(/authentication failed/)
|
||||
|
||||
# 422
|
||||
get '/tests/unprocessable_entity'
|
||||
expect(response).to have_http_status(422)
|
||||
expect(response.body).to match(/<html/)
|
||||
expect(response.body).to match(%r{<title>422: Unprocessable Entity</title>})
|
||||
expect(response.body).to match(%r{<h1>422: The change you wanted was rejected.</h1>})
|
||||
expect(response.body).to match(/some error message/)
|
||||
|
||||
# 401
|
||||
get '/tests/not_authorized'
|
||||
expect(response).to have_http_status(401)
|
||||
expect(response.body).to match(/<html/)
|
||||
expect(response.body).to match(%r{<title>401: Unauthorized</title>})
|
||||
expect(response.body).to match(%r{<h1>401: Unauthorized</h1>})
|
||||
expect(response.body).to match(/some error message/)
|
||||
|
||||
# 401
|
||||
get '/tests/ar_not_found'
|
||||
expect(response).to have_http_status(404)
|
||||
expect(response.body).to match(/<html/)
|
||||
expect(response.body).to match(%r{<title>404: Not Found</title>})
|
||||
expect(response.body).to match(%r{<h1>404: Requested Ressource was not found.</h1>})
|
||||
expect(response.body).to match(/some error message/)
|
||||
|
||||
# 500
|
||||
get '/tests/standard_error'
|
||||
expect(response).to have_http_status(500)
|
||||
expect(response.body).to match(/<html/)
|
||||
expect(response.body).to match(%r{<title>500: Something went wrong</title>})
|
||||
expect(response.body).to match(%r{<h1>500: We're sorry, but something went wrong.</h1>})
|
||||
expect(response.body).to match(/some error message/)
|
||||
|
||||
# 422
|
||||
get '/tests/argument_error'
|
||||
expect(response).to have_http_status(422)
|
||||
expect(response.body).to match(/<html/)
|
||||
expect(response.body).to match(%r{<title>422: Unprocessable Entity</title>})
|
||||
expect(response.body).to match(%r{<h1>422: The change you wanted was rejected.</h1>})
|
||||
expect(response.body).to match(/some error message/)
|
||||
end
|
||||
end
|
||||
|
||||
end
|
63
spec/requests/calendar_spec.rb
Normal file
63
spec/requests/calendar_spec.rb
Normal file
|
@ -0,0 +1,63 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Calendars', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does calendar index with nobody' do
|
||||
get '/api/v1/calendars', as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
|
||||
get '/api/v1/calendars_init', as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
end
|
||||
|
||||
it 'does calendar index with admin' do
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/calendars', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response.count).to eq(1)
|
||||
|
||||
get '/api/v1/calendars?expand=true', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response.count).to eq(1)
|
||||
|
||||
get '/api/v1/calendars?full=true', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['record_ids']).to be_truthy
|
||||
expect(json_response['record_ids'].count).to eq(1)
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['assets']).to be_present
|
||||
|
||||
# index
|
||||
get '/api/v1/calendars_init', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['record_ids']).to be_truthy
|
||||
expect(json_response['ical_feeds']).to be_truthy
|
||||
expect(json_response['ical_feeds']['http://www.google.com/calendar/ical/da.danish%23holiday%40group.v.calendar.google.com/public/basic.ics']).to eq('Denmark')
|
||||
expect(json_response['ical_feeds']['http://www.google.com/calendar/ical/de.austrian%23holiday%40group.v.calendar.google.com/public/basic.ics']).to eq('Austria')
|
||||
expect(json_response['timezones']).to be_truthy
|
||||
expect(json_response['timezones']['Africa/Johannesburg']).to eq(2)
|
||||
expect(json_response['timezones']['America/Sitka']).to eq(-8)
|
||||
expect(json_response['assets']).to be_truthy
|
||||
end
|
||||
end
|
||||
|
||||
end
|
221
spec/requests/form_spec.rb
Normal file
221
spec/requests/form_spec.rb
Normal file
|
@ -0,0 +1,221 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Form', type: :request, searchindex: true do
|
||||
|
||||
before(:each) do
|
||||
rebuild_searchindex
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does get config call' do
|
||||
post '/api/v1/form_config', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized')
|
||||
end
|
||||
|
||||
it 'does get config call' do
|
||||
Setting.set('form_ticket_create', true)
|
||||
post '/api/v1/form_config', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized')
|
||||
|
||||
end
|
||||
|
||||
it 'does get config call & do submit' do
|
||||
Setting.set('form_ticket_create', true)
|
||||
fingerprint = SecureRandom.hex(40)
|
||||
post '/api/v1/form_config', params: { fingerprint: fingerprint }, as: :json
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['enabled']).to eq(true)
|
||||
expect(json_response['endpoint']).to eq('http://zammad.example.com/api/v1/form_submit')
|
||||
expect(json_response['token']).to be_truthy
|
||||
token = json_response['token']
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: 'invalid' }, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_truthy
|
||||
expect(json_response['errors']['name']).to eq('required')
|
||||
expect(json_response['errors']['email']).to eq('required')
|
||||
expect(json_response['errors']['title']).to eq('required')
|
||||
expect(json_response['errors']['body']).to eq('required')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, email: 'some' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_truthy
|
||||
expect(json_response['errors']['name']).to eq('required')
|
||||
expect(json_response['errors']['email']).to eq('invalid')
|
||||
expect(json_response['errors']['title']).to eq('required')
|
||||
expect(json_response['errors']['body']).to eq('required')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test', body: 'hello' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_falsey
|
||||
expect(json_response['ticket']).to be_truthy
|
||||
expect(json_response['ticket']['id']).to be_truthy
|
||||
expect(json_response['ticket']['number']).to be_truthy
|
||||
|
||||
travel 5.hours
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test', body: 'hello' }, as: :json
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_falsey
|
||||
expect(json_response['ticket']).to be_truthy
|
||||
expect(json_response['ticket']['id']).to be_truthy
|
||||
expect(json_response['ticket']['number']).to be_truthy
|
||||
|
||||
travel 20.hours
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test', body: 'hello' }, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
|
||||
end
|
||||
|
||||
it 'does get config call & do submit' do
|
||||
Setting.set('form_ticket_create', true)
|
||||
fingerprint = SecureRandom.hex(40)
|
||||
post '/api/v1/form_config', params: { fingerprint: fingerprint }, as: :json
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['enabled']).to eq(true)
|
||||
expect(json_response['endpoint']).to eq('http://zammad.example.com/api/v1/form_submit')
|
||||
expect(json_response['token']).to be_truthy
|
||||
token = json_response['token']
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: 'invalid' }, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_truthy
|
||||
expect(json_response['errors']['name']).to eq('required')
|
||||
expect(json_response['errors']['email']).to eq('required')
|
||||
expect(json_response['errors']['title']).to eq('required')
|
||||
expect(json_response['errors']['body']).to eq('required')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, email: 'some' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_truthy
|
||||
expect(json_response['errors']['name']).to eq('required')
|
||||
expect(json_response['errors']['email']).to eq('invalid')
|
||||
expect(json_response['errors']['title']).to eq('required')
|
||||
expect(json_response['errors']['body']).to eq('required')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'somebody@example.com', title: 'test', body: 'hello' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_truthy
|
||||
expect(json_response['errors']['email']).to eq('invalid')
|
||||
|
||||
end
|
||||
|
||||
it 'does limits' do
|
||||
skip('No ES configured') if !SearchIndexBackend.enabled?
|
||||
|
||||
Setting.set('form_ticket_create', true)
|
||||
fingerprint = SecureRandom.hex(40)
|
||||
post '/api/v1/form_config', params: { fingerprint: fingerprint }, as: :json
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['enabled']).to eq(true)
|
||||
expect(json_response['endpoint']).to eq('http://zammad.example.com/api/v1/form_submit')
|
||||
expect(json_response['token']).to be_truthy
|
||||
token = json_response['token']
|
||||
|
||||
(1..20).each do |count|
|
||||
travel 10.seconds
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: "test#{count}", body: 'hello' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_falsey
|
||||
expect(json_response['errors']).to be_falsey
|
||||
expect(json_response['ticket']).to be_truthy
|
||||
expect(json_response['ticket']['id']).to be_truthy
|
||||
expect(json_response['ticket']['number']).to be_truthy
|
||||
Scheduler.worker(true)
|
||||
sleep 1 # wait until elasticsearch is index
|
||||
end
|
||||
|
||||
sleep 10 # wait until elasticsearch is index
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test-last', body: 'hello' }, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to be_truthy
|
||||
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json', 'REMOTE_ADDR' => '1.2.3.5' }
|
||||
|
||||
(1..20).each do |count|
|
||||
travel 10.seconds
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: "test-2-#{count}", body: 'hello' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['errors']).to be_falsey
|
||||
expect(json_response['ticket']).to be_truthy
|
||||
expect(json_response['ticket']['id']).to be_truthy
|
||||
expect(json_response['ticket']['number']).to be_truthy
|
||||
Scheduler.worker(true)
|
||||
sleep 1 # wait until elasticsearch is index
|
||||
end
|
||||
|
||||
sleep 10 # wait until elasticsearch is index
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test-2-last', body: 'hello' }, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to be_truthy
|
||||
end
|
||||
|
||||
it 'does customer_ticket_create false disables form' do
|
||||
Setting.set('form_ticket_create', false)
|
||||
Setting.set('customer_ticket_create', true)
|
||||
|
||||
fingerprint = SecureRandom.hex(40)
|
||||
|
||||
post '/api/v1/form_config', params: { fingerprint: fingerprint }, as: :json
|
||||
|
||||
token = json_response['token']
|
||||
params = {
|
||||
fingerprint: fingerprint,
|
||||
token: token,
|
||||
name: 'Bob Smith',
|
||||
email: 'discard@znuny.com',
|
||||
title: 'test',
|
||||
body: 'hello'
|
||||
}
|
||||
|
||||
post '/api/v1/form_submit', params: params, as: :json
|
||||
|
||||
expect(response).to have_http_status(401)
|
||||
end
|
||||
end
|
||||
end
|
237
spec/requests/integration/check_mk_spec.rb
Normal file
237
spec/requests/integration/check_mk_spec.rb
Normal file
|
@ -0,0 +1,237 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Integration Check MK', type: :request do
|
||||
|
||||
before(:each) do
|
||||
token = SecureRandom.urlsafe_base64(16)
|
||||
Setting.set('check_mk_token', token)
|
||||
Setting.set('check_mk_integration', true)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
it 'does fail without a token' do
|
||||
post '/api/v1/integration/check_mk/', params: {}
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
|
||||
it 'does fail with invalid token and feature enabled' do
|
||||
post '/api/v1/integration/check_mk/invalid_token', params: {}
|
||||
expect(response).to have_http_status(422)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Invalid token!')
|
||||
end
|
||||
|
||||
it 'does create and close a ticket' do
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to be_truthy
|
||||
expect(json_response['ticket_id']).to be_truthy
|
||||
expect(json_response['ticket_number']).to be_truthy
|
||||
|
||||
ticket = Ticket.find(json_response['ticket_id'])
|
||||
expect(ticket.state.name).to eq('new')
|
||||
expect(ticket.articles.count).to eq(1)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).not_to be_empty
|
||||
expect(json_response['ticket_ids']).to include(ticket.id)
|
||||
|
||||
ticket.reload
|
||||
expect(ticket.state.name).to eq('closed')
|
||||
expect(ticket.articles.count).to eq(2)
|
||||
end
|
||||
|
||||
it 'does double create and auto close' do
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to be_truthy
|
||||
expect(json_response['ticket_id']).to be_truthy
|
||||
expect(json_response['ticket_number']).to be_truthy
|
||||
|
||||
ticket = Ticket.find(json_response['ticket_id'])
|
||||
expect(ticket.state.name).to eq('new')
|
||||
expect(ticket.articles.count).to eq(1)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to eq('ticket already open, added note')
|
||||
expect(json_response['ticket_ids']).to include(ticket.id)
|
||||
|
||||
ticket.reload
|
||||
expect(ticket.state.name).to eq('new')
|
||||
expect(ticket.articles.count).to eq(2)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to be_truthy
|
||||
expect(json_response['ticket_ids']).to include(ticket.id)
|
||||
|
||||
ticket.reload
|
||||
expect(ticket.state.name).to eq('closed')
|
||||
expect(ticket.articles.count).to eq(3)
|
||||
end
|
||||
|
||||
it 'does ticket close which get ignored' do
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to eq('no open tickets found, ignore action')
|
||||
end
|
||||
|
||||
it 'does double create and no auto close' do
|
||||
Setting.set('check_mk_auto_close', false)
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to be_truthy
|
||||
expect(json_response['ticket_id']).to be_truthy
|
||||
expect(json_response['ticket_number']).to be_truthy
|
||||
|
||||
ticket = Ticket.find(json_response['ticket_id'])
|
||||
expect(ticket.state.name).to eq('new')
|
||||
expect(ticket.articles.count).to eq(1)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to eq('ticket already open, added note')
|
||||
expect(json_response['ticket_ids']).to include(ticket.id)
|
||||
|
||||
ticket.reload
|
||||
expect(ticket.state.name).to eq('new')
|
||||
expect(ticket.articles.count).to eq(2)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to eq('ticket already open, added note')
|
||||
expect(json_response['ticket_ids']).to include(ticket.id)
|
||||
|
||||
ticket.reload
|
||||
expect(ticket.state.name).to eq('new')
|
||||
expect(ticket.articles.count).to eq(3)
|
||||
end
|
||||
|
||||
it 'does double create and auto close - host only' do
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to be_truthy
|
||||
expect(json_response['ticket_id']).to be_truthy
|
||||
expect(json_response['ticket_number']).to be_truthy
|
||||
|
||||
ticket = Ticket.find(json_response['ticket_id'])
|
||||
expect(ticket.state.name).to eq('new')
|
||||
expect(ticket.articles.count).to eq(1)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to eq('ticket already open, added note')
|
||||
expect(json_response['ticket_ids']).to include(ticket.id)
|
||||
|
||||
ticket.reload
|
||||
expect(ticket.state.name).to eq('new')
|
||||
expect(ticket.articles.count).to eq(2)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result']).to be_truthy
|
||||
expect(json_response['ticket_ids']).to include(ticket.id)
|
||||
|
||||
ticket.reload
|
||||
expect(ticket.state.name).to eq('closed')
|
||||
expect(ticket.articles.count).to eq(3)
|
||||
end
|
||||
end
|
||||
|
||||
end
|
477
spec/requests/integration/cti_spec.rb
Normal file
477
spec/requests/integration/cti_spec.rb
Normal file
|
@ -0,0 +1,477 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Integration CTI', type: :request do
|
||||
|
||||
let(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let!(:customer_user1) do
|
||||
create(
|
||||
:customer_user,
|
||||
login: 'ticket-caller_id_cti-customer1@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer1',
|
||||
phone: '+49 99999 222222',
|
||||
fax: '+49 99999 222223',
|
||||
mobile: '+4912347114711',
|
||||
note: 'Phone at home: +49 99999 222224',
|
||||
)
|
||||
end
|
||||
let!(:customer_user2) do
|
||||
create(
|
||||
:customer_user,
|
||||
login: 'ticket-caller_id_cti-customer2@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer2',
|
||||
phone: '+49 99999 222222 2',
|
||||
)
|
||||
end
|
||||
let!(:customer_user3) do
|
||||
create(
|
||||
:customer_user,
|
||||
login: 'ticket-caller_id_cti-customer3@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer3',
|
||||
phone: '+49 99999 222222 2',
|
||||
)
|
||||
end
|
||||
|
||||
before(:each) do
|
||||
Cti::Log.destroy_all
|
||||
|
||||
Setting.set('cti_integration', true)
|
||||
Setting.set('cti_config', {
|
||||
outbound: {
|
||||
routing_table: [
|
||||
{
|
||||
dest: '41*',
|
||||
caller_id: '41715880339000',
|
||||
},
|
||||
{
|
||||
dest: '491714000000',
|
||||
caller_id: '41715880339000',
|
||||
},
|
||||
],
|
||||
default_caller_id: '4930777000000',
|
||||
},
|
||||
inbound: {
|
||||
block_caller_ids: [
|
||||
{
|
||||
caller_id: '491715000000',
|
||||
note: 'some note',
|
||||
}
|
||||
],
|
||||
notify_user_ids: {
|
||||
2 => true,
|
||||
4 => false,
|
||||
},
|
||||
}
|
||||
})
|
||||
|
||||
Cti::CallerId.rebuild
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does token check' do
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&call_id=4991155921769858278-1&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post '/api/v1/cti/not_existing_token', params: params
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Invalid token, please contact your admin!')
|
||||
end
|
||||
|
||||
it 'does basic call' do
|
||||
token = Setting.get('cti_token')
|
||||
|
||||
# inbound - I
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&call_id=4991155921769858278-1&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_blank
|
||||
|
||||
# inbound - II - block caller
|
||||
params = 'event=newCall&direction=in&from=491715000000&to=4930600000000&call_id=4991155921769858278-2&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['action']).to eq('reject')
|
||||
expect(json_response['reason']).to eq('busy')
|
||||
|
||||
# outbound - I - set default_caller_id
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&call_id=8621106404543334274-3&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['action']).to eq('dial')
|
||||
expect(json_response['number']).to eq('4912347114711')
|
||||
expect(json_response['caller_id']).to eq('4930777000000')
|
||||
|
||||
# outbound - II - set caller_id based on routing_table by explicite number
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=491714000000&call_id=8621106404543334274-4&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['action']).to eq('dial')
|
||||
expect(json_response['number']).to eq('491714000000')
|
||||
expect(json_response['caller_id']).to eq('41715880339000')
|
||||
|
||||
# outbound - III - set caller_id based on routing_table by 41*
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4147110000000&call_id=8621106404543334274-5&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['action']).to eq('dial')
|
||||
expect(json_response['number']).to eq('4147110000000')
|
||||
expect(json_response['caller_id']).to eq('41715880339000')
|
||||
|
||||
# no config
|
||||
Setting.set('cti_config', {})
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&call_id=4991155921769858278-6&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(422)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Feature not configured, please contact your admin!')
|
||||
|
||||
end
|
||||
|
||||
it 'does log call' do
|
||||
token = Setting.get('cti_token')
|
||||
|
||||
# outbound - I - new call
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&call_id=1234567890-1&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-1')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(true)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_nil
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# outbound - I - hangup by agent
|
||||
params = 'event=hangup&direction=out&call_id=1234567890-1&cause=cancel'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-1')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('cancel')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(true)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_truthy
|
||||
expect(log.duration_waiting_time).to be_truthy
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# outbound - II - new call
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&call_id=1234567890-2&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(true)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_nil
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# outbound - II - answer by customer
|
||||
params = 'event=answer&direction=out&call_id=1234567890-2&from=4930600000000&to=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('answer')
|
||||
expect(log.done).to eq(true)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_truthy
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_truthy
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# outbound - II - hangup by customer
|
||||
params = 'event=hangup&direction=out&call_id=1234567890-2&cause=normalClearing&from=4930600000000&to=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('normalClearing')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(true)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_truthy
|
||||
expect(log.end_at).to be_truthy
|
||||
expect(log.duration_waiting_time).to be_truthy
|
||||
expect(log.duration_talking_time).to be_truthy
|
||||
|
||||
# inbound - I - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&call_id=1234567890-3&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_nil
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# inbound - I - answer by customer
|
||||
params = 'event=answer&direction=in&call_id=1234567890-3&to=4930600000000&from=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('answer')
|
||||
expect(log.done).to eq(true)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_truthy
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_truthy
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# inbound - I - hangup by customer
|
||||
params = 'event=hangup&direction=in&call_id=1234567890-3&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('normalClearing')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(true)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_truthy
|
||||
expect(log.end_at).to be_truthy
|
||||
expect(log.duration_waiting_time).to be_truthy
|
||||
expect(log.duration_talking_time).to be_truthy
|
||||
|
||||
# inbound - II - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&call_id=1234567890-4&user%5B%5D=user+1,user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_nil
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# inbound - II - answer by voicemail
|
||||
params = 'event=answer&direction=in&call_id=1234567890-4&to=4930600000000&from=4912347114711&user=voicemail'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('voicemail')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('answer')
|
||||
expect(log.done).to eq(true)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_truthy
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_truthy
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# inbound - II - hangup by customer
|
||||
params = 'event=hangup&direction=in&call_id=1234567890-4&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('voicemail')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('normalClearing')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(false)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_truthy
|
||||
expect(log.end_at).to be_truthy
|
||||
expect(log.duration_waiting_time).to be_truthy
|
||||
expect(log.duration_talking_time).to be_truthy
|
||||
|
||||
# inbound - III - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&call_id=1234567890-5&user%5B%5D=user+1,user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-5')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_nil
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# inbound - III - hangup by customer
|
||||
params = 'event=hangup&direction=in&call_id=1234567890-5&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-5')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('normalClearing')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(false)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_truthy
|
||||
expect(log.duration_waiting_time).to be_truthy
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# inbound - IV - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=49999992222222&call_id=1234567890-6&user%5B%5D=user+1,user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-6')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('49999992222222')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to eq('CallerId Customer3,CallerId Customer2')
|
||||
expect(log.preferences['to']).to be_falsey
|
||||
expect(log.preferences['from']).to be_truthy
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_nil
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# inbound - IV - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=anonymous&call_id=1234567890-7&user%5B%5D=user+1,user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
expect(response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-7')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('anonymous')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to be_nil
|
||||
expect(log.preferences['to']).to be_falsey
|
||||
expect(log.preferences['from']).to be_falsey
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
expect(log.initialized_at).to be_truthy
|
||||
expect(log.start_at).to be_nil
|
||||
expect(log.end_at).to be_nil
|
||||
expect(log.duration_waiting_time).to be_nil
|
||||
expect(log.duration_talking_time).to be_nil
|
||||
|
||||
# get caller list
|
||||
get '/api/v1/cti/log'
|
||||
expect(response).to have_http_status(401)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/cti/log', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['list']).to be_a_kind_of(Array)
|
||||
expect(json_response['list'].count).to eq(7)
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['assets']['User']).to be_truthy
|
||||
expect(json_response['assets']['User'][customer_user2.id.to_s]).to be_truthy
|
||||
expect(json_response['assets']['User'][customer_user3.id.to_s]).to be_truthy
|
||||
expect(json_response['list'][0]['call_id']).to eq('1234567890-7')
|
||||
expect(json_response['list'][1]['call_id']).to eq('1234567890-6')
|
||||
expect(json_response['list'][2]['call_id']).to eq('1234567890-5')
|
||||
expect(json_response['list'][3]['call_id']).to eq('1234567890-4')
|
||||
expect(json_response['list'][4]['call_id']).to eq('1234567890-3')
|
||||
expect(json_response['list'][5]['call_id']).to eq('1234567890-2')
|
||||
expect(json_response['list'][5]['state']).to eq('hangup')
|
||||
expect(json_response['list'][5]['from']).to eq('4930777000000')
|
||||
expect(json_response['list'][5]['from_comment']).to eq('user 1')
|
||||
expect(json_response['list'][5]['to']).to eq('4912347114711')
|
||||
expect(json_response['list'][5]['to_comment']).to eq('CallerId Customer1')
|
||||
expect(json_response['list'][5]['comment']).to eq('normalClearing')
|
||||
expect(json_response['list'][5]['state']).to eq('hangup')
|
||||
expect(json_response['list'][6]['call_id']).to eq('1234567890-1')
|
||||
end
|
||||
end
|
||||
end
|
445
spec/requests/integration/sipgate_spec.rb
Normal file
445
spec/requests/integration/sipgate_spec.rb
Normal file
|
@ -0,0 +1,445 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Integration Sipgate', type: :request do
|
||||
|
||||
let(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let!(:customer_user1) do
|
||||
create(
|
||||
:customer_user,
|
||||
login: 'ticket-caller_id_cti-customer1@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer1',
|
||||
phone: '+49 99999 222222',
|
||||
fax: '+49 99999 222223',
|
||||
mobile: '+4912347114711',
|
||||
note: 'Phone at home: +49 99999 222224',
|
||||
)
|
||||
end
|
||||
let!(:customer_user2) do
|
||||
create(
|
||||
:customer_user,
|
||||
login: 'ticket-caller_id_cti-customer2@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer2',
|
||||
phone: '+49 99999 222222 2',
|
||||
)
|
||||
end
|
||||
let!(:customer_user3) do
|
||||
create(
|
||||
:customer_user,
|
||||
login: 'ticket-caller_id_cti-customer3@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer3',
|
||||
phone: '+49 99999 222222 2',
|
||||
)
|
||||
end
|
||||
|
||||
before(:each) do
|
||||
Cti::Log.destroy_all
|
||||
|
||||
Setting.set('sipgate_integration', true)
|
||||
Setting.set('sipgate_config', {
|
||||
outbound: {
|
||||
routing_table: [
|
||||
{
|
||||
dest: '41*',
|
||||
caller_id: '41715880339000',
|
||||
},
|
||||
{
|
||||
dest: '491714000000',
|
||||
caller_id: '41715880339000',
|
||||
},
|
||||
],
|
||||
default_caller_id: '4930777000000',
|
||||
},
|
||||
inbound: {
|
||||
block_caller_ids: [
|
||||
{
|
||||
caller_id: '491715000000',
|
||||
note: 'some note',
|
||||
}
|
||||
],
|
||||
notify_user_ids: {
|
||||
2 => true,
|
||||
4 => false,
|
||||
},
|
||||
}
|
||||
},)
|
||||
|
||||
Cti::CallerId.rebuild
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does basic call' do
|
||||
|
||||
# inbound - I
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&callId=4991155921769858278-1&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
expect(on_hangup).to eq('http://zammad.example.com/api/v1/sipgate/in')
|
||||
expect(on_answer).to eq('http://zammad.example.com/api/v1/sipgate/in')
|
||||
|
||||
# inbound - II - block caller
|
||||
params = 'event=newCall&direction=in&from=491715000000&to=4930600000000&callId=4991155921769858278-2&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
expect(on_hangup).to eq('http://zammad.example.com/api/v1/sipgate/in')
|
||||
expect(on_answer).to eq('http://zammad.example.com/api/v1/sipgate/in')
|
||||
reason = nil
|
||||
response.elements.each('Response/Reject') do |element|
|
||||
reason = element.attributes['reason']
|
||||
end
|
||||
expect(reason).to eq('busy')
|
||||
|
||||
# outbound - I - set default_caller_id
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&callId=8621106404543334274-3&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
caller_id = nil
|
||||
number_to_dail = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
response.elements.each('Response/Dial') do |element|
|
||||
caller_id = element.attributes['callerId']
|
||||
end
|
||||
response.elements.each('Response/Dial/Number') do |element|
|
||||
number_to_dail = element.text
|
||||
end
|
||||
expect(caller_id).to eq('4930777000000')
|
||||
expect(number_to_dail).to eq('4912347114711')
|
||||
expect(on_hangup).to eq('http://zammad.example.com/api/v1/sipgate/out')
|
||||
expect(on_answer).to eq('http://zammad.example.com/api/v1/sipgate/out')
|
||||
|
||||
# outbound - II - set caller_id based on routing_table by explicite number
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=491714000000&callId=8621106404543334274-4&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
caller_id = nil
|
||||
number_to_dail = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
response.elements.each('Response/Dial') do |element|
|
||||
caller_id = element.attributes['callerId']
|
||||
end
|
||||
response.elements.each('Response/Dial/Number') do |element|
|
||||
number_to_dail = element.text
|
||||
end
|
||||
expect(caller_id).to eq('41715880339000')
|
||||
expect(number_to_dail).to eq('491714000000')
|
||||
expect(on_hangup).to eq('http://zammad.example.com/api/v1/sipgate/out')
|
||||
expect(on_answer).to eq('http://zammad.example.com/api/v1/sipgate/out')
|
||||
|
||||
# outbound - III - set caller_id based on routing_table by 41*
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4147110000000&callId=8621106404543334274-5&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
caller_id = nil
|
||||
number_to_dail = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
response.elements.each('Response/Dial') do |element|
|
||||
caller_id = element.attributes['callerId']
|
||||
end
|
||||
response.elements.each('Response/Dial/Number') do |element|
|
||||
number_to_dail = element.text
|
||||
end
|
||||
expect(caller_id).to eq('41715880339000')
|
||||
expect(number_to_dail).to eq('4147110000000')
|
||||
expect(on_hangup).to eq('http://zammad.example.com/api/v1/sipgate/out')
|
||||
expect(on_answer).to eq('http://zammad.example.com/api/v1/sipgate/out')
|
||||
|
||||
# no config
|
||||
Setting.set('sipgate_config', {})
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&callId=4991155921769858278-6&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(422)
|
||||
error = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response/Error') do |element|
|
||||
error = element.text
|
||||
end
|
||||
expect(error).to eq('Feature not configured, please contact your admin!')
|
||||
|
||||
end
|
||||
|
||||
it 'does log call' do
|
||||
|
||||
# outbound - I - new call
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&callId=1234567890-1&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-1')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(true)
|
||||
|
||||
# outbound - I - hangup by agent
|
||||
params = 'event=hangup&direction=out&callId=1234567890-1&cause=cancel'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-1')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('cancel')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(true)
|
||||
|
||||
# outbound - II - new call
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&callId=1234567890-2&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(true)
|
||||
|
||||
# outbound - II - answer by customer
|
||||
params = 'event=answer&direction=out&callId=1234567890-2&from=4930600000000&to=4912347114711'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('answer')
|
||||
expect(log.done).to eq(true)
|
||||
|
||||
# outbound - II - hangup by customer
|
||||
params = 'event=hangup&direction=out&callId=1234567890-2&cause=normalClearing&from=4930600000000&to=4912347114711'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
expect(log).to be_truthy
|
||||
expect(log.from).to eq('4930777000000')
|
||||
expect(log.to).to eq('4912347114711')
|
||||
expect(log.direction).to eq('out')
|
||||
expect(log.from_comment).to eq('user 1')
|
||||
expect(log.to_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('normalClearing')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(true)
|
||||
|
||||
# inbound - I - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&callId=1234567890-3&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
|
||||
# inbound - I - answer by customer
|
||||
params = 'event=answer&direction=in&callId=1234567890-3&to=4930600000000&from=4912347114711'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('answer')
|
||||
expect(log.done).to eq(true)
|
||||
|
||||
# inbound - I - hangup by customer
|
||||
params = 'event=hangup&direction=in&callId=1234567890-3&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('normalClearing')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(true)
|
||||
|
||||
# inbound - II - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&callId=1234567890-4&user%5B%5D=user+1,user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
|
||||
# inbound - II - answer by voicemail
|
||||
params = 'event=answer&direction=in&callId=1234567890-4&to=4930600000000&from=4912347114711&user=voicemail'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('voicemail')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('answer')
|
||||
expect(log.done).to eq(true)
|
||||
|
||||
# inbound - II - hangup by customer
|
||||
params = 'event=hangup&direction=in&callId=1234567890-4&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('voicemail')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('normalClearing')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(false)
|
||||
|
||||
# inbound - III - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&callId=1234567890-5&user%5B%5D=user+1,user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-5')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
|
||||
# inbound - III - hangup by customer
|
||||
params = 'event=hangup&direction=in&callId=1234567890-5&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-5')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('4912347114711')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to eq('CallerId Customer1')
|
||||
expect(log.comment).to eq('normalClearing')
|
||||
expect(log.state).to eq('hangup')
|
||||
expect(log.done).to eq(false)
|
||||
|
||||
# inbound - IV - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=49999992222222&callId=1234567890-6&user%5B%5D=user+1,user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
expect(@response).to have_http_status(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-6')
|
||||
expect(log).to be_truthy
|
||||
expect(log.to).to eq('4930600000000')
|
||||
expect(log.from).to eq('49999992222222')
|
||||
expect(log.direction).to eq('in')
|
||||
expect(log.to_comment).to eq('user 1,user 2')
|
||||
expect(log.from_comment).to eq('CallerId Customer3,CallerId Customer2')
|
||||
expect(log.preferences['to']).to be_falsey
|
||||
expect(log.preferences['from']).to be_truthy
|
||||
expect(log.comment).to be_nil
|
||||
expect(log.state).to eq('newCall')
|
||||
expect(log.done).to eq(false)
|
||||
|
||||
# get caller list
|
||||
get '/api/v1/cti/log'
|
||||
expect(@response).to have_http_status(401)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/cti/log', as: :json
|
||||
expect(@response).to have_http_status(200)
|
||||
expect(json_response['list']).to be_a_kind_of(Array)
|
||||
expect(json_response['list'].count).to eq(6)
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['assets']['User']).to be_truthy
|
||||
expect(json_response['assets']['User'][customer_user2.id.to_s]).to be_truthy
|
||||
expect(json_response['assets']['User'][customer_user3.id.to_s]).to be_truthy
|
||||
expect(json_response['list'][0]['call_id']).to eq('1234567890-6')
|
||||
expect(json_response['list'][1]['call_id']).to eq('1234567890-5')
|
||||
expect(json_response['list'][2]['call_id']).to eq('1234567890-4')
|
||||
expect(json_response['list'][3]['call_id']).to eq('1234567890-3')
|
||||
expect(json_response['list'][4]['call_id']).to eq('1234567890-2')
|
||||
expect(json_response['list'][4]['state']).to eq('hangup')
|
||||
expect(json_response['list'][4]['from']).to eq('4930777000000')
|
||||
expect(json_response['list'][4]['from_comment']).to eq('user 1')
|
||||
expect(json_response['list'][4]['to']).to eq('4912347114711')
|
||||
expect(json_response['list'][4]['to_comment']).to eq('CallerId Customer1')
|
||||
expect(json_response['list'][4]['comment']).to eq('normalClearing')
|
||||
expect(json_response['list'][4]['state']).to eq('hangup')
|
||||
expect(json_response['list'][5]['call_id']).to eq('1234567890-1')
|
||||
end
|
||||
end
|
||||
end
|
31
spec/requests/o_auth_spec.rb
Normal file
31
spec/requests/o_auth_spec.rb
Normal file
|
@ -0,0 +1,31 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'OAuth', type: :request do
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does o365 - start' do
|
||||
get '/auth/microsoft_office365'
|
||||
expect(response).to have_http_status(302)
|
||||
expect(response.body).to include('https://login.microsoftonline.com/common/oauth2/v2.0/authorize')
|
||||
expect(response.body).to include('redirect_uri=http%3A%2F%2Fzammad.example.com%2Fauth%2Fmicrosoft_office365%2Fcallback')
|
||||
expect(response.body).to include('scope=openid+email+profile')
|
||||
expect(response.body).to include('response_type=code')
|
||||
end
|
||||
|
||||
it 'does o365 - callback' do
|
||||
get '/auth/microsoft_office365/callback?code=1234&state=1234'
|
||||
expect(response).to have_http_status(302)
|
||||
expect(response.body).to include('302 Moved')
|
||||
end
|
||||
|
||||
it 'does auth failure' do
|
||||
get '/auth/failure?message=123&strategy=some_provider'
|
||||
expect(response).to have_http_status(422)
|
||||
expect(response.body).to include('<title>422: Unprocessable Entity</title>')
|
||||
expect(response.body).to include('<h1>422: The change you wanted was rejected.</h1>')
|
||||
expect(response.body).to include('<div>Message from some_provider: 123</div>')
|
||||
end
|
||||
end
|
||||
|
||||
end
|
557
spec/requests/organization_spec.rb
Normal file
557
spec/requests/organization_spec.rb
Normal file
|
@ -0,0 +1,557 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Organization', type: :request, searchindex: true do
|
||||
|
||||
let!(:admin_user) do
|
||||
create(:admin_user, groups: Group.all)
|
||||
end
|
||||
let!(:agent_user) do
|
||||
create(:agent_user, firstname: 'Search 1234', groups: Group.all)
|
||||
end
|
||||
let!(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
let!(:organization) do
|
||||
create(
|
||||
:organization,
|
||||
name: 'Rest Org #1',
|
||||
note: 'Rest Org #1',
|
||||
created_at: '2017-09-05 10:00:00',
|
||||
)
|
||||
end
|
||||
let!(:organization2) do
|
||||
create(
|
||||
:organization,
|
||||
name: 'Rest Org #2',
|
||||
note: 'Rest Org #2',
|
||||
created_at: '2017-09-05 11:00:00',
|
||||
)
|
||||
end
|
||||
let!(:organization3) do
|
||||
create(
|
||||
:organization,
|
||||
name: 'Rest Org #3',
|
||||
note: 'Rest Org #3',
|
||||
created_at: '2017-09-05 12:00:00',
|
||||
)
|
||||
end
|
||||
let!(:customer_user2) do
|
||||
create(:customer_user, organization: organization)
|
||||
end
|
||||
|
||||
before(:each) do
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does index with agent' do
|
||||
|
||||
# index
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0]['member_ids']).to be_a_kind_of(Array)
|
||||
expect(json_response.length >= 3).to be_truthy
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=1&per_page=2', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
organizations = Organization.order(:id).limit(2)
|
||||
expect(json_response[0]['id']).to eq(organizations[0].id)
|
||||
expect(json_response[0]['member_ids']).to eq(organizations[0].member_ids)
|
||||
expect(json_response[1]['id']).to eq(organizations[1].id)
|
||||
expect(json_response[1]['member_ids']).to eq(organizations[1].member_ids)
|
||||
expect(json_response.count).to eq(2)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=2&per_page=2', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
organizations = Organization.order(:id).limit(4)
|
||||
expect(json_response[0]['id']).to eq(organizations[2].id)
|
||||
expect(json_response[0]['member_ids']).to eq(organizations[2].member_ids)
|
||||
expect(json_response[1]['id']).to eq(organizations[3].id)
|
||||
expect(json_response[1]['member_ids']).to eq(organizations[3].member_ids)
|
||||
|
||||
expect(json_response.count).to eq(2)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['member_ids']).to be_a_kind_of(Array)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect('Rest Org #1').to eq(json_response['name'])
|
||||
|
||||
get "/api/v1/organizations/#{organization2.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['member_ids']).to be_a_kind_of(Array)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect('Rest Org #2').to eq(json_response['name'])
|
||||
|
||||
# search as agent
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0]['name']).to eq('Zammad Foundation')
|
||||
expect(json_response[0]['member_ids']).to be_truthy
|
||||
expect(json_response[0]['members']).to be_falsey
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&expand=true", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0]['name']).to eq('Zammad Foundation')
|
||||
expect(json_response[0]['member_ids']).to be_truthy
|
||||
expect(json_response[0]['members']).to be_truthy
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&label=true", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0]['label']).to eq('Zammad Foundation')
|
||||
expect(json_response[0]['value']).to eq('Zammad Foundation')
|
||||
expect(json_response[0]['member_ids']).to be_falsey
|
||||
expect(json_response[0]['members']).to be_falsey
|
||||
end
|
||||
|
||||
it 'does index with customer1' do
|
||||
|
||||
# index
|
||||
authenticated_as(customer_user)
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response.length).to eq(0)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to be_nil
|
||||
|
||||
get "/api/v1/organizations/#{organization2.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to be_nil
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
end
|
||||
|
||||
it 'does index with customer2' do
|
||||
|
||||
# index
|
||||
authenticated_as(customer_user2)
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response.length).to eq(1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect('Rest Org #1').to eq(json_response['name'])
|
||||
|
||||
get "/api/v1/organizations/#{organization2.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to be_nil
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
end
|
||||
|
||||
it 'does organization search sortable' do
|
||||
authenticated_as(admin_user)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
result = json_response
|
||||
result.collect! { |v| v['id'] }
|
||||
expect(result).to be_a_kind_of(Array)
|
||||
expect(result).to eq([ organization.id, organization3.id, organization2.id ])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: { sort_by: 'created_at', order_by: 'asc' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
result = json_response
|
||||
result.collect! { |v| v['id'] }
|
||||
expect(result).to be_a_kind_of(Array)
|
||||
expect(result).to eq([ organization.id, organization2.id, organization3.id ])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: { sort_by: 'note', order_by: 'asc' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
result = json_response
|
||||
result.collect! { |v| v['id'] }
|
||||
expect(result).to be_a_kind_of(Array)
|
||||
expect(result).to eq([ organization.id, organization2.id, organization3.id ])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: { sort_by: 'note', order_by: 'desc' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
result = json_response
|
||||
result.collect! { |v| v['id'] }
|
||||
expect(result).to be_a_kind_of(Array)
|
||||
expect(result).to eq([ organization3.id, organization2.id, organization.id ])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: { sort_by: %w[note created_at], order_by: %w[desc asc] }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
result = json_response
|
||||
result.collect! { |v| v['id'] }
|
||||
expect(result).to be_a_kind_of(Array)
|
||||
expect(result).to eq([ organization3.id, organization2.id, organization.id ])
|
||||
end
|
||||
|
||||
it 'does organization show and response format' do
|
||||
organization = create(
|
||||
:organization,
|
||||
name: 'Rest Org NEW',
|
||||
members: [customer_user],
|
||||
updated_by_id: admin_user.id,
|
||||
created_by_id: admin_user.id,
|
||||
)
|
||||
|
||||
authenticated_as(admin_user)
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['id']).to eq(organization.id)
|
||||
expect(json_response['name']).to eq(organization.name)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect(json_response['member_ids']).to eq([customer_user.id])
|
||||
expect(json_response['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?expand=true", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['id']).to eq(organization.id)
|
||||
expect(json_response['name']).to eq(organization.name)
|
||||
expect(json_response['members']).to be_truthy
|
||||
expect(json_response['member_ids']).to eq([customer_user.id])
|
||||
expect(json_response['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?expand=false", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['id']).to eq(organization.id)
|
||||
expect(json_response['name']).to eq(organization.name)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect(json_response['member_ids']).to eq([customer_user.id])
|
||||
expect(json_response['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?full=true", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['id']).to eq(organization.id)
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['assets']['Organization']).to be_truthy
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]).to be_truthy
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['id']).to eq(organization.id)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['name']).to eq(organization.name)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['members']).to be_falsey
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?full=false", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['id']).to eq(organization.id)
|
||||
expect(json_response['name']).to eq(organization.name)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect(json_response['member_ids']).to eq([customer_user.id])
|
||||
expect(json_response['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response['created_by_id']).to eq(admin_user.id)
|
||||
end
|
||||
|
||||
it 'does organization index and response format' do
|
||||
organization = create(
|
||||
:organization,
|
||||
name: 'Rest Org NEW',
|
||||
members: [customer_user],
|
||||
updated_by_id: admin_user.id,
|
||||
created_by_id: admin_user.id,
|
||||
)
|
||||
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0].class).to eq(Hash)
|
||||
expect(json_response.last['id']).to eq(organization.id)
|
||||
expect(json_response.last['name']).to eq(organization.name)
|
||||
expect(json_response.last['members']).to be_falsey
|
||||
expect(json_response.last['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response.last['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response.last['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
get '/api/v1/organizations?expand=true', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0].class).to eq(Hash)
|
||||
expect(json_response.last['id']).to eq(organization.id)
|
||||
expect(json_response.last['name']).to eq(organization.name)
|
||||
expect(json_response.last['member_ids']).to eq(organization.member_ids)
|
||||
expect([customer_user.login]).to eq(organization.members.pluck(:login))
|
||||
expect(json_response.last['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response.last['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
get '/api/v1/organizations?expand=false', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0].class).to eq(Hash)
|
||||
expect(json_response.last['id']).to eq(organization.id)
|
||||
expect(json_response.last['name']).to eq(organization.name)
|
||||
expect(json_response.last['members']).to be_falsey
|
||||
expect(json_response.last['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response.last['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response.last['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
get '/api/v1/organizations?full=true', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['record_ids'].class).to eq(Array)
|
||||
expect(json_response['record_ids'][0]).to eq(1)
|
||||
expect(json_response['record_ids'].last).to eq(organization.id)
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['assets']['Organization']).to be_truthy
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]).to be_truthy
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['id']).to eq(organization.id)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['name']).to eq(organization.name)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['members']).to be_falsey
|
||||
|
||||
get '/api/v1/organizations?full=false', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0].class).to eq(Hash)
|
||||
expect(json_response.last['id']).to eq(organization.id)
|
||||
expect(json_response.last['name']).to eq(organization.name)
|
||||
expect(json_response.last['members']).to be_falsey
|
||||
expect(json_response.last['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response.last['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response.last['created_by_id']).to eq(admin_user.id)
|
||||
end
|
||||
|
||||
it 'does ticket create and response format' do
|
||||
params = {
|
||||
name: 'Rest Org NEW',
|
||||
members: [customer_user.login],
|
||||
}
|
||||
|
||||
authenticated_as(admin_user)
|
||||
post '/api/v1/organizations', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
organization = Organization.find(json_response['id'])
|
||||
expect(json_response['name']).to eq(organization.name)
|
||||
expect(json_response['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect(json_response['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
params[:name] = 'Rest Org NEW #2'
|
||||
post '/api/v1/organizations?expand=true', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
organization = Organization.find(json_response['id'])
|
||||
expect(json_response['name']).to eq(organization.name)
|
||||
expect(json_response['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response['members']).to eq(organization.members.pluck(:login))
|
||||
expect(json_response['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
params[:name] = 'Rest Org NEW #3'
|
||||
post '/api/v1/organizations?full=true', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
organization = Organization.find(json_response['id'])
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['assets']['Organization']).to be_truthy
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]).to be_truthy
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['id']).to eq(organization.id)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['name']).to eq(organization.name)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['members']).to be_falsey
|
||||
|
||||
end
|
||||
|
||||
it 'does ticket update and response formats' do
|
||||
organization = create(
|
||||
:organization,
|
||||
name: 'Rest Org NEW',
|
||||
members: [customer_user],
|
||||
updated_by_id: admin_user.id,
|
||||
created_by_id: admin_user.id,
|
||||
)
|
||||
|
||||
params = {
|
||||
name: 'a update name #1',
|
||||
}
|
||||
authenticated_as(admin_user)
|
||||
put "/api/v1/organizations/#{organization.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
organization = Organization.find(json_response['id'])
|
||||
expect(json_response['name']).to eq(params[:name])
|
||||
expect(json_response['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect(json_response['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
params = {
|
||||
name: 'a update name #2',
|
||||
}
|
||||
put "/api/v1/organizations/#{organization.id}?expand=true", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
organization = Organization.find(json_response['id'])
|
||||
expect(json_response['name']).to eq(params[:name])
|
||||
expect(json_response['member_ids']).to eq(organization.member_ids)
|
||||
expect([customer_user.login]).to eq(organization.members.pluck(:login))
|
||||
expect(json_response['updated_by_id']).to eq(admin_user.id)
|
||||
expect(json_response['created_by_id']).to eq(admin_user.id)
|
||||
|
||||
params = {
|
||||
name: 'a update name #3',
|
||||
}
|
||||
put "/api/v1/organizations/#{organization.id}?full=true", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
organization = Organization.find(json_response['id'])
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['assets']['Organization']).to be_truthy
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]).to be_truthy
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['id']).to eq(organization.id)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['name']).to eq(params[:name])
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['member_ids']).to eq(organization.member_ids)
|
||||
expect(json_response['assets']['Organization'][organization.id.to_s]['members']).to be_falsey
|
||||
|
||||
end
|
||||
|
||||
it 'does csv example - customer no access' do
|
||||
authenticated_as(customer_user)
|
||||
get '/api/v1/organizations/import_example', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
end
|
||||
|
||||
it 'does csv example - admin access' do
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/organizations/import_example', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
rows = CSV.parse(@response.body)
|
||||
header = rows.shift
|
||||
|
||||
expect(header[0]).to eq('id')
|
||||
expect(header[1]).to eq('name')
|
||||
expect(header[2]).to eq('shared')
|
||||
expect(header[3]).to eq('domain')
|
||||
expect(header[4]).to eq('domain_assignment')
|
||||
expect(header[5]).to eq('active')
|
||||
expect(header[6]).to eq('note')
|
||||
expect(header.include?('members')).to be_truthy
|
||||
end
|
||||
|
||||
it 'does csv import - admin access' do
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
customer1 = create(
|
||||
:customer_user,
|
||||
login: 'customer1-members@example.com',
|
||||
firstname: 'Member',
|
||||
lastname: 'Customer',
|
||||
email: 'customer1-members@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
)
|
||||
customer2 = create(
|
||||
:customer_user,
|
||||
login: 'customer2-members@example.com',
|
||||
firstname: 'Member',
|
||||
lastname: 'Customer',
|
||||
email: 'customer2-members@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
)
|
||||
UserInfo.current_user_id = nil
|
||||
|
||||
# invalid file
|
||||
authenticated_as(admin_user)
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple_col_not_existing.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import?try=true', params: { file: csv_file, col_sep: ';' }
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['try']).to eq(true)
|
||||
expect(json_response['records'].count).to eq(2)
|
||||
expect(json_response['result']).to eq('failed')
|
||||
expect(json_response['errors'].count).to eq(2)
|
||||
expect(json_response['errors'][0]).to eq("Line 1: unknown attribute 'name2' for Organization.")
|
||||
expect(json_response['errors'][1]).to eq("Line 2: unknown attribute 'name2' for Organization.")
|
||||
|
||||
# valid file try
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import?try=true', params: { file: csv_file, col_sep: ';' }
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['try']).to eq(true)
|
||||
expect(json_response['records'].count).to eq(2)
|
||||
expect(json_response['result']).to eq('success')
|
||||
|
||||
expect(Organization.find_by(name: 'organization-member-import1')).to be_nil
|
||||
expect(Organization.find_by(name: 'organization-member-import2')).to be_nil
|
||||
|
||||
# valid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import', params: { file: csv_file, col_sep: ';' }
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['try']).to eq(false)
|
||||
expect(json_response['records'].count).to eq(2)
|
||||
expect(json_response['result']).to eq('success')
|
||||
|
||||
organization1 = Organization.find_by(name: 'organization-member-import1')
|
||||
expect(organization1).to be_truthy
|
||||
expect(organization1.name).to eq('organization-member-import1')
|
||||
expect(organization1.members.count).to eq(1)
|
||||
expect(organization1.members.first.login).to eq(customer1.login)
|
||||
expect(organization1.active).to eq(true)
|
||||
organization2 = Organization.find_by(name: 'organization-member-import2')
|
||||
expect(organization2).to be_truthy
|
||||
expect(organization2.name).to eq('organization-member-import2')
|
||||
expect(organization2.members.count).to eq(1)
|
||||
expect(organization2.members.first.login).to eq(customer2.login)
|
||||
expect(organization2.active).to eq(false)
|
||||
end
|
||||
end
|
||||
end
|
186
spec/requests/overview_spec.rb
Normal file
186
spec/requests/overview_spec.rb
Normal file
|
@ -0,0 +1,186 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Overviews', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does return no permissions' do
|
||||
params = {
|
||||
name: 'Overview2',
|
||||
link: 'my_overview',
|
||||
roles: Role.where(name: 'Agent').pluck(:name),
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
}
|
||||
|
||||
agent_user = create(:agent_user, password: 'we need a password here')
|
||||
|
||||
authenticated_as(agent_user)
|
||||
post '/api/v1/overviews', params: params, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
end
|
||||
|
||||
it 'does create overviews' do
|
||||
params = {
|
||||
name: 'Overview2',
|
||||
link: 'my_overview',
|
||||
roles: Role.where(name: 'Agent').pluck(:name),
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
}
|
||||
|
||||
authenticated_as(admin_user)
|
||||
post '/api/v1/overviews', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('Overview2')
|
||||
expect(json_response['link']).to eq('my_overview')
|
||||
|
||||
post '/api/v1/overviews', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('Overview2')
|
||||
expect(json_response['link']).to eq('my_overview_1')
|
||||
end
|
||||
|
||||
it 'does set mass prio' do
|
||||
roles = Role.where(name: 'Agent')
|
||||
overview1 = Overview.create!(
|
||||
name: 'Overview1',
|
||||
link: 'my_overview',
|
||||
roles: roles,
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
prio: 1,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
overview2 = Overview.create!(
|
||||
name: 'Overview2',
|
||||
link: 'my_overview',
|
||||
roles: roles,
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
prio: 2,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
params = {
|
||||
prios: [
|
||||
[overview2.id, 1],
|
||||
[overview1.id, 2],
|
||||
]
|
||||
}
|
||||
authenticated_as(admin_user)
|
||||
post '/api/v1/overviews_prio', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['success']).to eq(true)
|
||||
|
||||
overview1.reload
|
||||
overview2.reload
|
||||
|
||||
expect(overview1.prio).to eq(2)
|
||||
expect(overview2.prio).to eq(1)
|
||||
end
|
||||
|
||||
it 'does create an overview with group_by direction' do
|
||||
|
||||
params = {
|
||||
name: 'Overview2',
|
||||
link: 'my_overview',
|
||||
roles: Role.where(name: 'Agent').pluck(:name),
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
group_by: 'priority',
|
||||
group_direction: 'ASC',
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
}
|
||||
|
||||
authenticated_as(admin_user)
|
||||
post '/api/v1/overviews', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('Overview2')
|
||||
expect(json_response['link']).to eq('my_overview')
|
||||
expect(json_response['group_by']).to eq('priority')
|
||||
expect(json_response['group_direction']).to eq('ASC')
|
||||
end
|
||||
end
|
||||
end
|
75
spec/requests/package_spec.rb
Normal file
75
spec/requests/package_spec.rb
Normal file
|
@ -0,0 +1,75 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Packages', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
let(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does packages index with nobody' do
|
||||
get '/api/v1/packages', as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['packages']).to be_falsey
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
end
|
||||
|
||||
it 'does packages index with admin' do
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/packages', as: :json
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['packages']).to be_truthy
|
||||
end
|
||||
|
||||
it 'does packages index with admin and wrong pw' do
|
||||
authenticated_as(admin_user, password: 'wrongadminpw')
|
||||
get '/api/v1/packages', as: :json
|
||||
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
end
|
||||
|
||||
it 'does packages index with inactive admin' do
|
||||
admin_user = create(:admin_user, active: false, password: 'we need a password here')
|
||||
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/packages', as: :json
|
||||
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
end
|
||||
|
||||
it 'does packages index with agent' do
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/packages', as: :json
|
||||
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['packages']).to be_falsey
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
end
|
||||
|
||||
it 'does packages index with customer' do
|
||||
authenticated_as(customer_user)
|
||||
get '/api/v1/packages', as: :json
|
||||
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['packages']).to be_falsey
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
end
|
||||
end
|
||||
end
|
59
spec/requests/report_spec.rb
Normal file
59
spec/requests/report_spec.rb
Normal file
|
@ -0,0 +1,59 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Report', type: :request, searchindex: true do
|
||||
|
||||
let!(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
let!(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let!(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
let!(:year) do
|
||||
DateTime.now.utc.year
|
||||
end
|
||||
let!(:month) do
|
||||
DateTime.now.utc.month
|
||||
end
|
||||
let!(:week) do
|
||||
DateTime.now.utc.strftime('%U').to_i
|
||||
end
|
||||
let!(:day) do
|
||||
DateTime.now.utc.day
|
||||
end
|
||||
let!(:ticket) do
|
||||
create(:ticket, title: 'ticket for report', customer: customer_user)
|
||||
end
|
||||
let!(:article) do
|
||||
create(:ticket_article, ticket_id: ticket.id, type: Ticket::Article::Type.lookup(name: 'note') )
|
||||
end
|
||||
|
||||
before(:each) do
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does report example - admin access' do
|
||||
authenticated_as(admin_user)
|
||||
get "/api/v1/reports/sets?sheet=true;metric=count;year=#{year};month=#{month};week=#{week};day=#{day};timeRange=year;profile_id=1;downloadBackendSelected=count::created", params: {}, as: :json
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
assert(@response['Content-Disposition'])
|
||||
expect(@response['Content-Disposition']).to eq('attachment; filename="tickets--all--Created.xls"')
|
||||
expect(@response['Content-Type']).to eq('application/vnd.ms-excel')
|
||||
end
|
||||
end
|
||||
end
|
330
spec/requests/search_spec.rb
Normal file
330
spec/requests/search_spec.rb
Normal file
|
@ -0,0 +1,330 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Search', type: :request, searchindex: true do
|
||||
|
||||
let!(:admin_user) do
|
||||
create(:admin_user, groups: Group.all)
|
||||
end
|
||||
let!(:agent_user) do
|
||||
create(:agent_user, firstname: 'Search 1234', groups: Group.all)
|
||||
end
|
||||
let!(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
let!(:organization1) do
|
||||
create(:organization, name: 'Rest Org')
|
||||
end
|
||||
let!(:organization2) do
|
||||
create(:organization, name: 'Rest Org #2')
|
||||
end
|
||||
let!(:organization3) do
|
||||
create(:organization, name: 'Rest Org #3')
|
||||
end
|
||||
let!(:organization4) do
|
||||
create(:organization, name: 'Tes.t. Org')
|
||||
end
|
||||
let!(:organization5) do
|
||||
create(:organization, name: 'ABC_D Org')
|
||||
end
|
||||
let!(:customer_user2) do
|
||||
create(:customer_user, organization: organization1)
|
||||
end
|
||||
let!(:customer_user3) do
|
||||
create(:customer_user, organization: organization1)
|
||||
end
|
||||
let!(:ticket1) do
|
||||
create(:ticket, title: 'test 1234-1', customer: customer_user)
|
||||
end
|
||||
let!(:ticket2) do
|
||||
create(:ticket, title: 'test 1234-2', customer: customer_user2)
|
||||
end
|
||||
let!(:ticket3) do
|
||||
create(:ticket, title: 'test 1234-2', customer: customer_user3)
|
||||
end
|
||||
let!(:article1) do
|
||||
create(:ticket_article, ticket_id: ticket1.id)
|
||||
end
|
||||
let!(:article2) do
|
||||
create(:ticket_article, ticket_id: ticket2.id)
|
||||
end
|
||||
let!(:article3) do
|
||||
create(:ticket_article, ticket_id: ticket3.id)
|
||||
end
|
||||
|
||||
before(:each) do
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does settings index with nobody' do
|
||||
params = {
|
||||
query: 'test 1234',
|
||||
limit: 2,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to_not be_blank
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
|
||||
post '/api/v1/search/user', params: params, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to_not be_blank
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
|
||||
post '/api/v1/search', params: params, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to_not be_blank
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
end
|
||||
|
||||
it 'does settings index with admin' do
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 1,
|
||||
}
|
||||
authenticated_as(admin_user)
|
||||
post '/api/v1/search', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket3.id)
|
||||
expect(json_response['result'][1]['type']).to eq('User')
|
||||
expect(json_response['result'][1]['id']).to eq(agent_user.id)
|
||||
expect(json_response['result'][2]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket3.id)
|
||||
expect(json_response['result'][1]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][1]['id']).to eq(ticket2.id)
|
||||
expect(json_response['result'][2]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][2]['id']).to eq(ticket1.id)
|
||||
expect(json_response['result'][3]['type']).to eq('User')
|
||||
expect(json_response['result'][3]['id']).to eq(agent_user.id)
|
||||
expect(json_response['result'][4]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket3.id)
|
||||
expect(json_response['result'][1]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][1]['id']).to eq(ticket2.id)
|
||||
expect(json_response['result'][2]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][2]['id']).to eq(ticket1.id)
|
||||
expect(json_response['result'][3]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/user', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result'][0]['type']).to eq('User')
|
||||
expect(json_response['result'][0]['id']).to eq(agent_user.id)
|
||||
expect(json_response['result'][1]).to be_falsey
|
||||
end
|
||||
|
||||
it 'does settings index with agent' do
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 1,
|
||||
}
|
||||
|
||||
authenticated_as(agent_user)
|
||||
post '/api/v1/search', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket3.id)
|
||||
expect(json_response['result'][1]['type']).to eq('User')
|
||||
expect(json_response['result'][1]['id']).to eq(agent_user.id)
|
||||
expect(json_response['result'][2]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket3.id)
|
||||
expect(json_response['result'][1]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][1]['id']).to eq(ticket2.id)
|
||||
expect(json_response['result'][2]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][2]['id']).to eq(ticket1.id)
|
||||
expect(json_response['result'][3]['type']).to eq('User')
|
||||
expect(json_response['result'][3]['id']).to eq(agent_user.id)
|
||||
expect(json_response['result'][4]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket3.id)
|
||||
expect(json_response['result'][1]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][1]['id']).to eq(ticket2.id)
|
||||
expect(json_response['result'][2]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][2]['id']).to eq(ticket1.id)
|
||||
expect(json_response['result'][3]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/user', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result'][0]['type']).to eq('User')
|
||||
expect(json_response['result'][0]['id']).to eq(agent_user.id)
|
||||
expect(json_response['result'][1]).to be_falsey
|
||||
end
|
||||
|
||||
it 'does settings index with customer 1' do
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
authenticated_as(customer_user)
|
||||
post '/api/v1/search', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket1.id)
|
||||
expect(json_response['result'][1]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket1.id)
|
||||
expect(json_response['result'][1]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/user', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result'][0]).to be_falsey
|
||||
end
|
||||
|
||||
it 'does settings index with customer 2' do
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
authenticated_as(customer_user2)
|
||||
post '/api/v1/search', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket3.id)
|
||||
expect(json_response['result'][1]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][1]['id']).to eq(ticket2.id)
|
||||
expect(json_response['result'][2]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['result'][0]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][0]['id']).to eq(ticket3.id)
|
||||
expect(json_response['result'][1]['type']).to eq('Ticket')
|
||||
expect(json_response['result'][1]['id']).to eq(ticket2.id)
|
||||
expect(json_response['result'][2]).to be_falsey
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/user', params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['result'][0]).to be_falsey
|
||||
end
|
||||
|
||||
# Verify fix for Github issue #2058 - Autocomplete hangs on dot in the new user form
|
||||
it 'does searching for organization with a dot in its name' do
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/search/organization?query=tes.', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['result'].size).to eq(1)
|
||||
expect(json_response['result'][0]['type']).to eq('Organization')
|
||||
target_id = json_response['result'][0]['id']
|
||||
expect(json_response['assets']['Organization'][target_id.to_s]['name']).to eq('Tes.t. Org')
|
||||
end
|
||||
|
||||
# Search query H& should correctly match H&M
|
||||
it 'does searching for organization with _ in its name' do
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/search/organization?query=abc_', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['result'].size).to eq(1)
|
||||
expect(json_response['result'][0]['type']).to eq('Organization')
|
||||
target_id = json_response['result'][0]['id']
|
||||
expect(json_response['assets']['Organization'][target_id.to_s]['name']).to eq('ABC_D Org')
|
||||
end
|
||||
end
|
||||
end
|
227
spec/requests/settings_spec.rb
Normal file
227
spec/requests/settings_spec.rb
Normal file
|
@ -0,0 +1,227 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Settings', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
let(:admin_api_user) do
|
||||
role_api = create(:role)
|
||||
role_api.permission_grant('admin.api')
|
||||
|
||||
create(:admin_user, roles: [role_api])
|
||||
end
|
||||
let(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does settings index with nobody' do
|
||||
|
||||
# index
|
||||
get '/api/v1/settings', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['settings']).to be_falsey
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
end
|
||||
|
||||
it 'does settings index with admin' do
|
||||
|
||||
# index
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/settings', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
hit_api = false
|
||||
hit_product_name = false
|
||||
json_response.each do |setting|
|
||||
if setting['name'] == 'api_token_access'
|
||||
hit_api = true
|
||||
end
|
||||
if setting['name'] == 'product_name'
|
||||
hit_product_name = true
|
||||
end
|
||||
end
|
||||
expect(hit_api).to eq(true)
|
||||
expect(hit_product_name).to eq(true)
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('product_name')
|
||||
|
||||
setting = Setting.find_by(name: 'api_token_access')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('api_token_access')
|
||||
|
||||
# update
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
params = {
|
||||
id: setting.id,
|
||||
name: 'some_new_name',
|
||||
preferences: {
|
||||
permission: ['admin.branding', 'admin.some_new_permission'],
|
||||
some_new_key: true,
|
||||
}
|
||||
}
|
||||
put "/api/v1/settings/#{setting.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('product_name')
|
||||
expect(json_response['preferences']['permission'].length).to eq(1)
|
||||
expect(json_response['preferences']['permission'][0]).to eq('admin.branding')
|
||||
expect(json_response['preferences']['some_new_key']).to eq(true)
|
||||
|
||||
# update
|
||||
setting = Setting.find_by(name: 'api_token_access')
|
||||
params = {
|
||||
id: setting.id,
|
||||
name: 'some_new_name',
|
||||
preferences: {
|
||||
permission: ['admin.branding', 'admin.some_new_permission'],
|
||||
some_new_key: true,
|
||||
}
|
||||
}
|
||||
put "/api/v1/settings/#{setting.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('api_token_access')
|
||||
expect(json_response['preferences']['permission'].length).to eq(1)
|
||||
expect(json_response['preferences']['permission'][0]).to eq('admin.api')
|
||||
expect(json_response['preferences']['some_new_key']).to eq(true)
|
||||
|
||||
# delete
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
delete "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (feature not possible)')
|
||||
end
|
||||
|
||||
it 'does settings index with admin-api' do
|
||||
|
||||
# index
|
||||
authenticated_as(admin_api_user)
|
||||
get '/api/v1/settings', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
hit_api = false
|
||||
hit_product_name = false
|
||||
json_response.each do |setting|
|
||||
if setting['name'] == 'api_token_access'
|
||||
hit_api = true
|
||||
end
|
||||
if setting['name'] == 'product_name'
|
||||
hit_product_name = true
|
||||
end
|
||||
end
|
||||
expect(hit_api).to eq(true)
|
||||
expect(hit_product_name).to eq(false)
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (required ["admin.branding"])')
|
||||
|
||||
setting = Setting.find_by(name: 'api_token_access')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('api_token_access')
|
||||
|
||||
# update
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
params = {
|
||||
id: setting.id,
|
||||
name: 'some_new_name',
|
||||
preferences: {
|
||||
permission: ['admin.branding', 'admin.some_new_permission'],
|
||||
some_new_key: true,
|
||||
}
|
||||
}
|
||||
put "/api/v1/settings/#{setting.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (required ["admin.branding"])')
|
||||
|
||||
# update
|
||||
setting = Setting.find_by(name: 'api_token_access')
|
||||
params = {
|
||||
id: setting.id,
|
||||
name: 'some_new_name',
|
||||
preferences: {
|
||||
permission: ['admin.branding', 'admin.some_new_permission'],
|
||||
some_new_key: true,
|
||||
}
|
||||
}
|
||||
put "/api/v1/settings/#{setting.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to eq('api_token_access')
|
||||
expect(json_response['preferences']['permission'].length).to eq(1)
|
||||
expect(json_response['preferences']['permission'][0]).to eq('admin.api')
|
||||
expect(json_response['preferences']['some_new_key']).to eq(true)
|
||||
|
||||
# delete
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
delete "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (feature not possible)')
|
||||
end
|
||||
|
||||
it 'does settings index with agent' do
|
||||
|
||||
# index
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/settings', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['settings']).to be_falsey
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
end
|
||||
|
||||
it 'does settings index with customer' do
|
||||
|
||||
# index
|
||||
authenticated_as(customer_user)
|
||||
get '/api/v1/settings', params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['settings']).to be_falsey
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
|
||||
# delete
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
delete "/api/v1/settings/#{setting.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
end
|
||||
end
|
||||
end
|
45
spec/requests/sla_spec.rb
Normal file
45
spec/requests/sla_spec.rb
Normal file
|
@ -0,0 +1,45 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'SLAs', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does index sla with nobody' do
|
||||
get '/api/v1/slas', as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('authentication failed')
|
||||
end
|
||||
|
||||
it 'does index sla with admin' do
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/slas', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response.count).to eq(0)
|
||||
|
||||
get '/api/v1/slas?expand=true', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response.count).to eq(0)
|
||||
|
||||
get '/api/v1/slas?full=true', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_truthy
|
||||
expect(json_response['record_ids']).to be_truthy
|
||||
expect(json_response['record_ids']).to be_blank
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['assets']['Calendar']).to be_present
|
||||
expect(json_response['assets']).to be_present
|
||||
end
|
||||
end
|
||||
|
||||
end
|
82
spec/requests/taskbar_spec.rb
Normal file
82
spec/requests/taskbar_spec.rb
Normal file
|
@ -0,0 +1,82 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Taskbars', type: :request do
|
||||
|
||||
let(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does task ownership' do
|
||||
params = {
|
||||
user_id: customer_user.id,
|
||||
client_id: '123',
|
||||
key: 'Ticket-5',
|
||||
callback: 'TicketZoom',
|
||||
state: {
|
||||
ticket: {
|
||||
owner_id: agent_user.id,
|
||||
},
|
||||
article: {},
|
||||
},
|
||||
params: {
|
||||
ticket_id: 5,
|
||||
shown: true,
|
||||
},
|
||||
prio: 3,
|
||||
notify: false,
|
||||
active: false,
|
||||
}
|
||||
|
||||
authenticated_as(agent_user)
|
||||
post '/api/v1/taskbar', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['client_id']).to eq('123')
|
||||
expect(json_response['user_id']).to eq(agent_user.id)
|
||||
expect(json_response['params']['ticket_id']).to eq(5)
|
||||
expect(json_response['params']['shown']).to eq(true)
|
||||
|
||||
taskbar_id = json_response['id']
|
||||
params[:user_id] = customer_user.id
|
||||
params[:params] = {
|
||||
ticket_id: 5,
|
||||
shown: false,
|
||||
}
|
||||
put "/api/v1/taskbar/#{taskbar_id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['client_id']).to eq('123')
|
||||
expect(json_response['user_id']).to eq(agent_user.id)
|
||||
expect(json_response['params']['ticket_id']).to eq(5)
|
||||
expect(json_response['params']['shown']).to eq(false)
|
||||
|
||||
# try to access with other user
|
||||
params = {
|
||||
active: true,
|
||||
}
|
||||
|
||||
authenticated_as(customer_user)
|
||||
put "/api/v1/taskbar/#{taskbar_id}", params: params, as: :json
|
||||
expect(response).to have_http_status(422)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not allowed to access this task.')
|
||||
|
||||
delete "/api/v1/taskbar/#{taskbar_id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(422)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not allowed to access this task.')
|
||||
|
||||
# delete with correct user
|
||||
authenticated_as(agent_user)
|
||||
delete "/api/v1/taskbar/#{taskbar_id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response).to be_blank
|
||||
end
|
||||
end
|
||||
end
|
104
spec/requests/text_module_spec.rb
Normal file
104
spec/requests/text_module_spec.rb
Normal file
|
@ -0,0 +1,104 @@
|
|||
require 'rails_helper'
|
||||
require 'byebug'
|
||||
|
||||
RSpec.describe 'Text Module', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
let(:agent_user) do
|
||||
create(:agent_user)
|
||||
end
|
||||
let(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does csv example - customer no access' do
|
||||
authenticated_as(customer_user)
|
||||
get '/api/v1/text_modules/import_example', as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response['error']).to eq('Not authorized (user)!')
|
||||
end
|
||||
|
||||
it 'does csv example - admin access' do
|
||||
TextModule.load('en-en')
|
||||
|
||||
authenticated_as(admin_user)
|
||||
get '/api/v1/text_modules/import_example', as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
rows = CSV.parse(@response.body)
|
||||
header = rows.shift
|
||||
|
||||
expect(header[0]).to eq('id')
|
||||
expect(header[1]).to eq('name')
|
||||
expect(header[2]).to eq('keywords')
|
||||
expect(header[3]).to eq('content')
|
||||
expect(header[4]).to eq('note')
|
||||
expect(header[5]).to eq('active')
|
||||
expect(header).to_not include('organization')
|
||||
expect(header).to_not include('priority')
|
||||
expect(header).to_not include('state')
|
||||
expect(header).to_not include('owner')
|
||||
expect(header).to_not include('customer')
|
||||
end
|
||||
|
||||
it 'does csv import - admin access' do
|
||||
|
||||
# invalid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple_col_not_existing.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
|
||||
authenticated_as(admin_user)
|
||||
post '/api/v1/text_modules/import', params: { try: true, file: csv_file, col_sep: ';' }
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['try']).to be_truthy
|
||||
expect(json_response['records'].count).to eq(2)
|
||||
expect(json_response['result']).to eq('failed')
|
||||
expect(json_response['errors'].count).to eq(2)
|
||||
expect(json_response['errors'][0]).to eq("Line 1: unknown attribute 'keywords2' for TextModule.")
|
||||
expect(json_response['errors'][1]).to eq("Line 2: unknown attribute 'keywords2' for TextModule.")
|
||||
|
||||
# valid file try
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/text_modules/import?try=true', params: { file: csv_file, col_sep: ';' }
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['try']).to be_truthy
|
||||
expect(json_response['records'].count).to eq(2)
|
||||
expect(json_response['result']).to eq('success')
|
||||
|
||||
expect(TextModule.find_by(name: 'some name1')).to be_nil
|
||||
expect(TextModule.find_by(name: 'some name2')).to be_nil
|
||||
|
||||
# valid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/text_modules/import', params: { file: csv_file, col_sep: ';' }
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
expect(json_response['try']).to eq(false)
|
||||
expect(json_response['records'].count).to eq(2)
|
||||
expect(json_response['result']).to eq('success')
|
||||
|
||||
text_module1 = TextModule.find_by(name: 'some name1')
|
||||
expect(text_module1).to be_truthy
|
||||
expect(text_module1.name).to eq('some name1')
|
||||
expect(text_module1.keywords).to eq('keyword1')
|
||||
expect(text_module1.content).to eq('some<br>content1')
|
||||
expect(text_module1.active).to be_truthy
|
||||
text_module2 = TextModule.find_by(name: 'some name2')
|
||||
expect(text_module2).to be_truthy
|
||||
expect(text_module2.name).to eq('some name2')
|
||||
expect(text_module2.keywords).to eq('keyword2')
|
||||
expect(text_module2.content).to eq('some content<br>test123')
|
||||
expect(text_module2.active).to be_truthy
|
||||
end
|
||||
end
|
||||
end
|
113
spec/requests/ticket/article_attachments_spec.rb
Normal file
113
spec/requests/ticket/article_attachments_spec.rb
Normal file
|
@ -0,0 +1,113 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Ticket Article Attachments', type: :request do
|
||||
|
||||
let(:agent_user) do
|
||||
create(:agent_user, groups: Group.all)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does test attachment urls' do
|
||||
ticket1 = create(:ticket)
|
||||
article1 = create(:ticket_article, ticket_id: ticket1.id)
|
||||
|
||||
store1 = Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article1.id,
|
||||
data: 'some content',
|
||||
filename: 'some_file.txt',
|
||||
preferences: {
|
||||
'Content-Type' => 'text/plain',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
article2 = create(:ticket_article, ticket_id: ticket1.id)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
get "/api/v1/ticket_attachment/#{ticket1.id}/#{article1.id}/#{store1.id}", params: {}
|
||||
expect(response).to have_http_status(200)
|
||||
expect('some content').to eq(@response.body)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
get "/api/v1/ticket_attachment/#{ticket1.id}/#{article2.id}/#{store1.id}", params: {}
|
||||
expect(response).to have_http_status(401)
|
||||
expect(@response.body).to match(/401: Unauthorized/)
|
||||
|
||||
ticket2 = create(:ticket)
|
||||
ticket1.merge_to(
|
||||
ticket_id: ticket2.id,
|
||||
user_id: 1,
|
||||
)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
get "/api/v1/ticket_attachment/#{ticket2.id}/#{article1.id}/#{store1.id}", params: {}
|
||||
expect(response).to have_http_status(200)
|
||||
expect('some content').to eq(@response.body)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
get "/api/v1/ticket_attachment/#{ticket2.id}/#{article2.id}/#{store1.id}", params: {}
|
||||
expect(response).to have_http_status(401)
|
||||
expect(@response.body).to match(/401: Unauthorized/)
|
||||
|
||||
# allow access via merged ticket id also
|
||||
authenticated_as(agent_user)
|
||||
get "/api/v1/ticket_attachment/#{ticket1.id}/#{article1.id}/#{store1.id}", params: {}
|
||||
expect(response).to have_http_status(200)
|
||||
expect('some content').to eq(@response.body)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
get "/api/v1/ticket_attachment/#{ticket1.id}/#{article2.id}/#{store1.id}", params: {}
|
||||
expect(response).to have_http_status(401)
|
||||
expect(@response.body).to match(/401: Unauthorized/)
|
||||
|
||||
end
|
||||
|
||||
it 'does test attachments for split' do
|
||||
email_file_path = Rails.root.join('test', 'data', 'mail', 'mail024.box')
|
||||
email_raw_string = File.read(email_file_path)
|
||||
ticket_p, article_p, user_p = Channel::EmailParser.new.process({}, email_raw_string)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/ticket_split', params: { form_id: '1234-2', ticket_id: ticket_p.id, article_id: article_p.id }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['assets']).to be_truthy
|
||||
expect(json_response['attachments']).to be_a_kind_of(Array)
|
||||
expect(json_response['attachments'].count).to eq(1)
|
||||
expect(json_response['attachments'][0]['filename']).to eq('rulesets-report.csv')
|
||||
|
||||
end
|
||||
|
||||
it 'does test attachments for forward' do
|
||||
email_file_path = Rails.root.join('test', 'data', 'mail', 'mail008.box')
|
||||
email_raw_string = File.read(email_file_path)
|
||||
ticket_p, article_p, user_p = Channel::EmailParser.new.process({}, email_raw_string)
|
||||
|
||||
authenticated_as(agent_user)
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article_p.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(422)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Need form_id to attach attachments to new form.')
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article_p.id}", params: { form_id: '1234-1' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['attachments']).to be_a_kind_of(Array)
|
||||
expect(json_response['attachments']).to be_blank
|
||||
|
||||
email_file_path = Rails.root.join('test', 'data', 'mail', 'mail024.box')
|
||||
email_raw_string = File.read(email_file_path)
|
||||
ticket_p, article_p, user_p = Channel::EmailParser.new.process({}, email_raw_string)
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article_p.id}", params: { form_id: '1234-2' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['attachments']).to be_a_kind_of(Array)
|
||||
expect(json_response['attachments'].count).to eq(1)
|
||||
expect(json_response['attachments'][0]['filename']).to eq('rulesets-report.csv')
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article_p.id}", params: { form_id: '1234-2' }, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['attachments']).to be_a_kind_of(Array)
|
||||
expect(json_response['attachments']).to be_blank
|
||||
end
|
||||
end
|
||||
end
|
475
spec/requests/ticket/article_spec.rb
Normal file
475
spec/requests/ticket/article_spec.rb
Normal file
|
@ -0,0 +1,475 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Ticket Article', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
let(:agent_user) do
|
||||
create(:agent_user, groups: Group.all)
|
||||
end
|
||||
let(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does ticket create with agent and articles' do
|
||||
params = {
|
||||
title: 'a new ticket #1',
|
||||
group: 'Users',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some body',
|
||||
}
|
||||
}
|
||||
authenticated_as(agent_user)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
|
||||
params = {
|
||||
ticket_id: json_response['id'],
|
||||
content_type: 'text/plain', # or text/html
|
||||
body: 'some body',
|
||||
type: 'note',
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['subject']).to be_nil
|
||||
expect(json_response['body']).to eq('some body')
|
||||
expect(json_response['content_type']).to eq('text/plain')
|
||||
expect(json_response['updated_by_id']).to eq(agent_user.id)
|
||||
expect(json_response['created_by_id']).to eq(agent_user.id)
|
||||
|
||||
ticket = Ticket.find(json_response['ticket_id'])
|
||||
expect(ticket.articles.count).to eq(2)
|
||||
expect(ticket.articles[0].attachments.count).to eq(0)
|
||||
expect(ticket.articles[1].attachments.count).to eq(0)
|
||||
|
||||
params = {
|
||||
ticket_id: json_response['ticket_id'],
|
||||
content_type: 'text/html', # or text/html
|
||||
body: 'some body <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUA
|
||||
AAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38GIAXDIBKE0DHxgljNBAAO
|
||||
9TXL0Y4OHwAAAABJRU5ErkJggg==" alt="Red dot" />',
|
||||
type: 'note',
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['subject']).to be_nil
|
||||
expect(json_response['body']).to_not match(/some body <img src="cid:.+?/)
|
||||
expect(json_response['body']).to match(%r{some body <img src="/api/v1/ticket_attachment/.+?" alt="Red dot"})
|
||||
expect(json_response['content_type']).to eq('text/html')
|
||||
expect(json_response['updated_by_id']).to eq(agent_user.id)
|
||||
expect(json_response['created_by_id']).to eq(agent_user.id)
|
||||
|
||||
expect(ticket.articles.count).to eq(3)
|
||||
expect(ticket.articles[0].attachments.count).to eq(0)
|
||||
expect(ticket.articles[1].attachments.count).to eq(0)
|
||||
expect(ticket.articles[2].attachments.count).to eq(1)
|
||||
expect(ticket.articles[2].attachments[0]['id']).to be_truthy
|
||||
expect(ticket.articles[2].attachments[0]['filename']).to eq('image1.png')
|
||||
expect(ticket.articles[2].attachments[0]['size']).to eq('21')
|
||||
expect(ticket.articles[2].attachments[0]['preferences']['Mime-Type']).to eq('image/png')
|
||||
expect(ticket.articles[2].attachments[0]['preferences']['Content-Disposition']).to eq('inline')
|
||||
expect(ticket.articles[2].attachments[0]['preferences']['Content-ID']).to match(/@zammad.example.com/)
|
||||
|
||||
params = {
|
||||
ticket_id: json_response['ticket_id'],
|
||||
content_type: 'text/html', # or text/html
|
||||
body: 'some body',
|
||||
type: 'note',
|
||||
attachments: [
|
||||
'filename' => 'some_file.txt',
|
||||
'data' => 'dGVzdCAxMjM=',
|
||||
'mime-type' => 'text/plain',
|
||||
],
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['subject']).to be_nil
|
||||
expect(json_response['body']).to eq('some body')
|
||||
expect(json_response['content_type']).to eq('text/html')
|
||||
expect(json_response['updated_by_id']).to eq(agent_user.id)
|
||||
expect(json_response['created_by_id']).to eq(agent_user.id)
|
||||
|
||||
expect(ticket.articles.count).to eq(4)
|
||||
expect(ticket.articles[0].attachments.count).to eq(0)
|
||||
expect(ticket.articles[1].attachments.count).to eq(0)
|
||||
expect(ticket.articles[2].attachments.count).to eq(1)
|
||||
expect(ticket.articles[3].attachments.count).to eq(1)
|
||||
|
||||
get "/api/v1/ticket_articles/#{json_response['id']}?expand=true", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['attachments'].count).to eq(1)
|
||||
expect(json_response['attachments'][0]['id']).to be_truthy
|
||||
expect(json_response['attachments'][0]['filename']).to eq('some_file.txt')
|
||||
expect(json_response['attachments'][0]['size']).to eq('8')
|
||||
expect(json_response['attachments'][0]['preferences']['Mime-Type']).to eq('text/plain')
|
||||
|
||||
params = {
|
||||
ticket_id: json_response['ticket_id'],
|
||||
content_type: 'text/plain',
|
||||
body: 'some body',
|
||||
type: 'note',
|
||||
preferences: {
|
||||
some_key1: 123,
|
||||
},
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['subject']).to be_nil
|
||||
expect(json_response['body']).to eq('some body')
|
||||
expect(json_response['content_type']).to eq('text/plain')
|
||||
expect(json_response['updated_by_id']).to eq(agent_user.id)
|
||||
expect(json_response['created_by_id']).to eq(agent_user.id)
|
||||
expect(json_response['preferences']['some_key1']).to eq(123)
|
||||
expect(ticket.articles.count).to eq(5)
|
||||
|
||||
params = {
|
||||
body: 'some body 2',
|
||||
preferences: {
|
||||
some_key2: 'abc',
|
||||
},
|
||||
}
|
||||
put "/api/v1/ticket_articles/#{json_response['id']}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['subject']).to be_nil
|
||||
expect(json_response['body']).to eq('some body 2')
|
||||
expect(json_response['content_type']).to eq('text/plain')
|
||||
expect(json_response['updated_by_id']).to eq(agent_user.id)
|
||||
expect(json_response['created_by_id']).to eq(agent_user.id)
|
||||
expect(json_response['preferences']['some_key1']).to eq(123)
|
||||
expect(json_response['preferences']['some_key2']).to eq('abc')
|
||||
|
||||
end
|
||||
|
||||
it 'does ticket create with customer and articles' do
|
||||
params = {
|
||||
title: 'a new ticket #2',
|
||||
group: 'Users',
|
||||
article: {
|
||||
body: 'some body',
|
||||
}
|
||||
}
|
||||
authenticated_as(customer_user)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
|
||||
params = {
|
||||
ticket_id: json_response['id'],
|
||||
content_type: 'text/plain', # or text/html
|
||||
body: 'some body',
|
||||
type: 'note',
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['subject']).to be_nil
|
||||
expect(json_response['body']).to eq('some body')
|
||||
expect(json_response['content_type']).to eq('text/plain')
|
||||
expect(json_response['updated_by_id']).to eq(customer_user.id)
|
||||
expect(json_response['created_by_id']).to eq(customer_user.id)
|
||||
|
||||
ticket = Ticket.find(json_response['ticket_id'])
|
||||
expect(ticket.articles.count).to eq(2)
|
||||
expect(ticket.articles[1].sender.name).to eq('Customer')
|
||||
expect(ticket.articles[0].attachments.count).to eq(0)
|
||||
expect(ticket.articles[1].attachments.count).to eq(0)
|
||||
|
||||
params = {
|
||||
ticket_id: json_response['ticket_id'],
|
||||
content_type: 'text/plain', # or text/html
|
||||
body: 'some body',
|
||||
sender: 'Agent',
|
||||
type: 'note',
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['subject']).to be_nil
|
||||
expect(json_response['body']).to eq('some body')
|
||||
expect(json_response['content_type']).to eq('text/plain')
|
||||
expect(json_response['updated_by_id']).to eq(customer_user.id)
|
||||
expect(json_response['created_by_id']).to eq(customer_user.id)
|
||||
|
||||
ticket = Ticket.find(json_response['ticket_id'])
|
||||
expect(ticket.articles.count).to eq(3)
|
||||
expect(ticket.articles[2].sender.name).to eq('Customer')
|
||||
expect(ticket.articles[2].internal).to eq(false)
|
||||
expect(ticket.articles[0].attachments.count).to eq(0)
|
||||
expect(ticket.articles[1].attachments.count).to eq(0)
|
||||
expect(ticket.articles[2].attachments.count).to eq(0)
|
||||
|
||||
params = {
|
||||
ticket_id: json_response['ticket_id'],
|
||||
content_type: 'text/plain', # or text/html
|
||||
body: 'some body 2',
|
||||
sender: 'Agent',
|
||||
type: 'note',
|
||||
internal: true,
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['subject']).to be_nil
|
||||
expect(json_response['body']).to eq('some body 2')
|
||||
expect(json_response['content_type']).to eq('text/plain')
|
||||
expect(json_response['updated_by_id']).to eq(customer_user.id)
|
||||
expect(json_response['created_by_id']).to eq(customer_user.id)
|
||||
|
||||
ticket = Ticket.find(json_response['ticket_id'])
|
||||
expect(ticket.articles.count).to eq(4)
|
||||
expect(ticket.articles[3].sender.name).to eq('Customer')
|
||||
expect(ticket.articles[3].internal).to eq(false)
|
||||
expect(ticket.articles[0].attachments.count).to eq(0)
|
||||
expect(ticket.articles[1].attachments.count).to eq(0)
|
||||
expect(ticket.articles[2].attachments.count).to eq(0)
|
||||
expect(ticket.articles[3].attachments.count).to eq(0)
|
||||
|
||||
# add internal article
|
||||
article = create(
|
||||
:ticket_article,
|
||||
ticket_id: ticket.id,
|
||||
internal: true,
|
||||
sender: Ticket::Article::Sender.find_by(name: 'Agent'),
|
||||
type: Ticket::Article::Type.find_by(name: 'note'),
|
||||
)
|
||||
expect(ticket.articles.count).to eq(5)
|
||||
expect(ticket.articles[4].sender.name).to eq('Agent')
|
||||
expect(ticket.articles[4].updated_by_id).to eq(1)
|
||||
expect(ticket.articles[4].created_by_id).to eq(1)
|
||||
expect(ticket.articles[0].attachments.count).to eq(0)
|
||||
expect(ticket.articles[1].attachments.count).to eq(0)
|
||||
expect(ticket.articles[2].attachments.count).to eq(0)
|
||||
expect(ticket.articles[3].attachments.count).to eq(0)
|
||||
expect(ticket.articles[4].attachments.count).to eq(0)
|
||||
|
||||
get "/api/v1/ticket_articles/#{article.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized')
|
||||
|
||||
put "/api/v1/ticket_articles/#{article.id}", params: { internal: false }, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['error']).to eq('Not authorized')
|
||||
|
||||
end
|
||||
|
||||
it 'does create phone ticket for customer and expected origin_by_id' do
|
||||
params = {
|
||||
title: 'a new ticket #1',
|
||||
group: 'Users',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some body',
|
||||
sender: 'Customer',
|
||||
type: 'phone',
|
||||
}
|
||||
}
|
||||
authenticated_as(agent_user)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['title']).to eq('a new ticket #1')
|
||||
|
||||
article = Ticket::Article.find_by(ticket_id: json_response['id'])
|
||||
expect(article.origin_by_id).to eq(customer_user.id)
|
||||
expect(article.from).to eq("#{customer_user.firstname} #{customer_user.lastname} <#{customer_user.email}>")
|
||||
end
|
||||
|
||||
it 'does create phone ticket by customer and manipulate origin_by_id' do
|
||||
params = {
|
||||
title: 'a new ticket #1',
|
||||
group: 'Users',
|
||||
customer_id: customer_user.id,
|
||||
article: {
|
||||
body: 'some body',
|
||||
sender: 'Customer',
|
||||
type: 'phone',
|
||||
origin_by_id: 1,
|
||||
}
|
||||
}
|
||||
authenticated_as(customer_user)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
|
||||
article = Ticket::Article.find_by(ticket_id: json_response['id'])
|
||||
expect(article.origin_by_id).to eq(customer_user.id)
|
||||
end
|
||||
|
||||
it 'does ticket split with html - check attachments' do
|
||||
ticket = create(:ticket)
|
||||
article = create(
|
||||
:ticket_article,
|
||||
ticket_id: ticket.id,
|
||||
type: Ticket::Article::Type.lookup(name: 'note'),
|
||||
sender: Ticket::Article::Sender.lookup(name: 'Customer'),
|
||||
body: '<b>test</b> <img src="cid:15.274327094.140938@ZAMMAD.example.com"/> test <img src="cid:15.274327094.140938.3@ZAMMAD.example.com"/>',
|
||||
content_type: 'text/html',
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_image',
|
||||
filename: 'some_file1.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938@zammad.example.com',
|
||||
'Content-Disposition' => 'inline',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file2_normally_should_be_an_image',
|
||||
filename: 'some_file2.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938.2@zammad.example.com',
|
||||
'Content-Disposition' => 'inline',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file3_normally_should_be_an_image',
|
||||
filename: 'some_file3.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938.3@zammad.example.com',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file4_normally_should_be_an_image',
|
||||
filename: 'some_file4.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938.4@zammad.example.com',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_pdf',
|
||||
filename: 'Rechnung_RE-2018-200.pdf',
|
||||
preferences: {
|
||||
'Content-Type' => 'application/octet-stream; name="Rechnung_RE-2018-200.pdf"',
|
||||
'Mime-Type' => 'application/octet-stream',
|
||||
'Content-ID' => '8AB0BEC88984EE4EBEF643C79C8E0346@zammad.example.com',
|
||||
'Content-Description' => 'Rechnung_RE-2018-200.pdf',
|
||||
'Content-Disposition' => 'attachment',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
params = {
|
||||
form_id: 'new_form_id123',
|
||||
}
|
||||
authenticated_as(agent_user)
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['attachments']).to be_truthy
|
||||
expect(json_response['attachments'].count).to eq(3)
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['attachments']).to be_truthy
|
||||
expect(json_response['attachments'].count).to eq(0)
|
||||
end
|
||||
|
||||
it 'does ticket split with plain - check attachments' do
|
||||
ticket = create(
|
||||
:ticket,
|
||||
updated_by_id: agent_user.id,
|
||||
created_by_id: agent_user.id,
|
||||
)
|
||||
article = create(
|
||||
:ticket_article,
|
||||
ticket_id: ticket.id,
|
||||
type: Ticket::Article::Type.lookup(name: 'note'),
|
||||
sender: Ticket::Article::Sender.lookup(name: 'Customer'),
|
||||
body: '<b>test</b> <img src="cid:15.274327094.140938@zammad.example.com"/>',
|
||||
content_type: 'text/plain',
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_image',
|
||||
filename: 'some_file1.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938@zammad.example.com',
|
||||
'Content-Disposition' => 'inline',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_image',
|
||||
filename: 'some_file2.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938.2@zammad.example.com',
|
||||
'Content-Disposition' => 'inline',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_pdf',
|
||||
filename: 'Rechnung_RE-2018-200.pdf',
|
||||
preferences: {
|
||||
'Content-Type' => 'application/octet-stream; name="Rechnung_RE-2018-200.pdf"',
|
||||
'Mime-Type' => 'application/octet-stream',
|
||||
'Content-ID' => '8AB0BEC88984EE4EBEF643C79C8E0346@zammad.example.com',
|
||||
'Content-Description' => 'Rechnung_RE-2018-200.pdf',
|
||||
'Content-Disposition' => 'attachment',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
params = {
|
||||
form_id: 'new_form_id123',
|
||||
}
|
||||
authenticated_as(agent_user)
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['attachments']).to be_truthy
|
||||
expect(json_response['attachments'].count).to eq(3)
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article.id}", params: params, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['attachments']).to be_truthy
|
||||
expect(json_response['attachments'].count).to eq(0)
|
||||
end
|
||||
end
|
||||
end
|
153
spec/requests/ticket/escalation_spec.rb
Normal file
153
spec/requests/ticket/escalation_spec.rb
Normal file
|
@ -0,0 +1,153 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Ticket Escalation', type: :request do
|
||||
|
||||
let!(:agent_user) do
|
||||
create(:agent_user, groups: Group.all)
|
||||
end
|
||||
let!(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
let!(:calendar) do
|
||||
create(
|
||||
:calendar,
|
||||
name: 'Escalation Test',
|
||||
timezone: 'Europe/Berlin',
|
||||
business_hours: {
|
||||
mon: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
tue: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
wed: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
thu: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
fri: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
sat: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
sun: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
},
|
||||
default: true,
|
||||
ical_url: nil,
|
||||
)
|
||||
end
|
||||
let!(:sla) do
|
||||
create(
|
||||
:sla,
|
||||
name: 'test sla 1',
|
||||
condition: {
|
||||
'ticket.title' => {
|
||||
operator: 'contains',
|
||||
value: 'some value 123',
|
||||
},
|
||||
},
|
||||
first_response_time: 60,
|
||||
update_time: 180,
|
||||
solution_time: 240,
|
||||
calendar: calendar,
|
||||
)
|
||||
end
|
||||
let!(:mail_group) do
|
||||
create(:group, email_address: create(:email_address) )
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does escalate by ticket created via web' do
|
||||
params = {
|
||||
title: 'some value 123',
|
||||
group: mail_group.name,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
|
||||
authenticated_as(customer_user)
|
||||
post '/api/v1/tickets', params: params, as: :json
|
||||
expect(response).to have_http_status(201)
|
||||
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['state_id']).to eq(Ticket::State.lookup(name: 'new').id)
|
||||
expect(json_response['title']).to eq('some value 123')
|
||||
expect(json_response['updated_by_id']).to eq(customer_user.id)
|
||||
expect(json_response['created_by_id']).to eq(customer_user.id)
|
||||
|
||||
ticket_p = Ticket.find(json_response['id'])
|
||||
|
||||
expect(json_response['escalation_at'].sub(/.\d\d\dZ$/, 'Z')).to eq(ticket_p['escalation_at'].iso8601)
|
||||
expect(json_response['first_response_escalation_at'].sub(/.\d\d\dZ$/, 'Z')).to eq(ticket_p['first_response_escalation_at'].iso8601)
|
||||
expect(json_response['update_escalation_at'].sub(/.\d\d\dZ$/, 'Z')).to eq(ticket_p['update_escalation_at'].iso8601)
|
||||
expect(json_response['close_escalation_at'].sub(/.\d\d\dZ$/, 'Z')).to eq(ticket_p['close_escalation_at'].iso8601)
|
||||
|
||||
expect(ticket_p.escalation_at).to be_truthy
|
||||
expect(ticket_p.first_response_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 1.hour).to_i)
|
||||
expect(ticket_p.update_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 3.hours).to_i)
|
||||
expect(ticket_p.close_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 4.hours).to_i)
|
||||
expect(ticket_p.escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 1.hour).to_i)
|
||||
end
|
||||
|
||||
it 'does escalate by ticket got created via email - reply by agent via web' do
|
||||
|
||||
email = "From: Bob Smith <customer@example.com>
|
||||
To: #{mail_group.email_address.email}
|
||||
Subject: some value 123
|
||||
|
||||
Some Text"
|
||||
|
||||
ticket_p, article_p, user_p, mail = Channel::EmailParser.new.process({}, email)
|
||||
ticket_p.reload
|
||||
expect(ticket_p.escalation_at).to be_truthy
|
||||
expect(ticket_p.first_response_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 1.hour).to_i)
|
||||
expect(ticket_p.update_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 3.hours).to_i)
|
||||
expect(ticket_p.close_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 4.hours).to_i)
|
||||
expect(ticket_p.escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 1.hour).to_i)
|
||||
|
||||
travel 3.hours
|
||||
|
||||
params = {
|
||||
title: 'some value 123 - update',
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
type: 'email',
|
||||
to: 'customer@example.com',
|
||||
},
|
||||
}
|
||||
authenticated_as(agent_user)
|
||||
put "/api/v1/tickets/#{ticket_p.id}", params: params, as: :json
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['state_id']).to eq(Ticket::State.lookup(name: 'open').id)
|
||||
expect(json_response['title']).to eq('some value 123 - update')
|
||||
expect(json_response['updated_by_id']).to eq(agent_user.id)
|
||||
expect(json_response['created_by_id']).to eq(user_p.id)
|
||||
|
||||
ticket_p.reload
|
||||
expect(json_response['escalation_at'].sub(/.\d\d\dZ$/, 'Z')).to eq(ticket_p['escalation_at'].iso8601)
|
||||
expect(json_response['first_response_escalation_at'].sub(/.\d\d\dZ$/, 'Z')).to eq(ticket_p['first_response_escalation_at'].iso8601)
|
||||
expect(json_response['update_escalation_at'].sub(/.\d\d\dZ$/, 'Z')).to eq(ticket_p['update_escalation_at'].iso8601)
|
||||
expect(json_response['close_escalation_at'].sub(/.\d\d\dZ$/, 'Z')).to eq(ticket_p['close_escalation_at'].iso8601)
|
||||
|
||||
expect(ticket_p.first_response_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 1.hour).to_i)
|
||||
expect(ticket_p.update_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.last_contact_agent_at + 3.hours).to_i)
|
||||
expect(ticket_p.close_escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 4.hours).to_i)
|
||||
expect(ticket_p.escalation_at.to_i).to be_within(90.seconds).of((ticket_p.created_at + 4.hours).to_i)
|
||||
end
|
||||
end
|
||||
end
|
2082
spec/requests/ticket_spec.rb
Normal file
2082
spec/requests/ticket_spec.rb
Normal file
File diff suppressed because it is too large
Load diff
36
spec/requests/time_accounting_spec.rb
Normal file
36
spec/requests/time_accounting_spec.rb
Normal file
|
@ -0,0 +1,36 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'Time Accounting', type: :request do
|
||||
|
||||
let(:admin_user) do
|
||||
create(:admin_user)
|
||||
end
|
||||
let(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
let(:year) do
|
||||
DateTime.now.utc.year
|
||||
end
|
||||
let(:month) do
|
||||
DateTime.now.utc.month
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does time account report' do
|
||||
group = create(:group)
|
||||
ticket = create(:ticket, state: Ticket::State.lookup(name: 'open'), customer: customer_user )
|
||||
article = create(:ticket_article, ticket_id: ticket.id, type: Ticket::Article::Type.lookup(name: 'note') )
|
||||
|
||||
create(:ticket_time_accounting, ticket_id: ticket.id, ticket_article_id: article.id)
|
||||
|
||||
authenticated_as(admin_user)
|
||||
get "/api/v1/time_accounting/log/by_ticket/#{year}/#{month}?download=true", params: {}
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(response['Content-Disposition']).to be_truthy
|
||||
expect(response['Content-Disposition']).to eq("attachment; filename=\"by_ticket-#{year}-#{month}.xls\"")
|
||||
expect(response['Content-Type']).to eq('application/vnd.ms-excel')
|
||||
end
|
||||
end
|
||||
end
|
160
spec/requests/user/organization_spec.rb
Normal file
160
spec/requests/user/organization_spec.rb
Normal file
|
@ -0,0 +1,160 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'User Organization', type: :request, searchindex: true do
|
||||
|
||||
let!(:admin_user) do
|
||||
create(:admin_user, groups: Group.all)
|
||||
end
|
||||
let!(:agent_user) do
|
||||
create(:agent_user, groups: Group.all)
|
||||
end
|
||||
let!(:customer_user) do
|
||||
create(:customer_user)
|
||||
end
|
||||
let!(:organization) do
|
||||
create(:organization, name: 'Rest Org', note: 'Rest Org A')
|
||||
end
|
||||
let!(:organization2) do
|
||||
create(:organization, name: 'Rest Org #2', note: 'Rest Org B')
|
||||
end
|
||||
let!(:organization3) do
|
||||
create(:organization, name: 'Rest Org #3', note: 'Rest Org C')
|
||||
end
|
||||
let!(:customer_user2) do
|
||||
create(:customer_user, organization: organization)
|
||||
end
|
||||
|
||||
before(:each) do
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
end
|
||||
|
||||
describe 'request handling' do
|
||||
|
||||
it 'does organization index with agent' do
|
||||
authenticated_as(agent_user)
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response[0]['member_ids']).to be_a_kind_of(Array)
|
||||
expect(json_response.length >= 3).to be_truthy
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=1&per_page=2', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response.class).to eq(Array)
|
||||
organizations = Organization.order(:id).limit(2)
|
||||
expect(json_response[0]['id']).to eq(organizations[0].id)
|
||||
expect(json_response[0]['member_ids']).to eq(organizations[0].member_ids)
|
||||
expect(json_response[1]['id']).to eq(organizations[1].id)
|
||||
expect(json_response[1]['member_ids']).to eq(organizations[1].member_ids)
|
||||
expect(json_response.count).to eq(2)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=2&per_page=2', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response.class).to eq(Array)
|
||||
organizations = Organization.order(:id).limit(4)
|
||||
expect(json_response[0]['id']).to eq(organizations[2].id)
|
||||
expect(json_response[0]['member_ids']).to eq(organizations[2].member_ids)
|
||||
expect(json_response[1]['id']).to eq(organizations[3].id)
|
||||
expect(json_response[1]['member_ids']).to eq(organizations[3].member_ids)
|
||||
|
||||
expect(json_response.count).to eq(2)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['member_ids']).to be_a_kind_of(Array)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect('Rest Org').to eq(json_response['name'])
|
||||
|
||||
get "/api/v1/organizations/#{organization2.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['member_ids']).to be_a_kind_of(Array)
|
||||
expect(json_response['members']).to be_falsey
|
||||
expect('Rest Org #2').to eq(json_response['name'])
|
||||
|
||||
# search as agent
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response.class).to eq(Array)
|
||||
expect(json_response[0]['name']).to eq('Zammad Foundation')
|
||||
expect(json_response[0]['member_ids']).to be_truthy
|
||||
expect(json_response[0]['members']).to be_falsey
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&expand=true", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response.class).to eq(Array)
|
||||
expect(json_response[0]['name']).to eq('Zammad Foundation')
|
||||
expect(json_response[0]['member_ids']).to be_truthy
|
||||
expect(json_response[0]['members']).to be_truthy
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&label=true", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response.class).to eq(Array)
|
||||
expect(json_response[0]['label']).to eq('Zammad Foundation')
|
||||
expect(json_response[0]['value']).to eq('Zammad Foundation')
|
||||
expect(json_response[0]['member_ids']).to be_falsey
|
||||
expect(json_response[0]['members']).to be_falsey
|
||||
end
|
||||
|
||||
it 'does organization index with customer1' do
|
||||
authenticated_as(customer_user)
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response.length).to eq(0)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to be_nil
|
||||
|
||||
get "/api/v1/organizations/#{organization2.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to be_nil
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
end
|
||||
|
||||
it 'does organization index with customer2' do
|
||||
authenticated_as(customer_user2)
|
||||
get '/api/v1/organizations', params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Array)
|
||||
expect(json_response.length).to eq(1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect('Rest Org').to eq(json_response['name'])
|
||||
|
||||
get "/api/v1/organizations/#{organization2.id}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
expect(json_response).to be_a_kind_of(Hash)
|
||||
expect(json_response['name']).to be_nil
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, as: :json
|
||||
expect(response).to have_http_status(401)
|
||||
end
|
||||
end
|
||||
end
|
676
spec/requests/user/permission_spec.rb
Normal file
676
spec/requests/user/permission_spec.rb
Normal file
|
@ -0,0 +1,676 @@
|
|||
require 'rails_helper'
|
||||
|
||||
RSpec.describe 'User endpoint', type: :request do
|
||||
|
||||
let(:role_with_admin_user_permissions) do
|
||||
create(:role).tap do |role|
|
||||
role.permission_grant('admin.user')
|
||||
end
|
||||
end
|
||||
let(:admin_with_admin_user_permissions) { create(:user, roles: [role_with_admin_user_permissions]) }
|
||||
|
||||
let(:role_without_admin_user_permissions) do
|
||||
create(:role).tap do |role|
|
||||
role.permission_grant('admin.tag')
|
||||
end
|
||||
end
|
||||
let(:admin_without_admin_user_permissions) { create(:user, roles: [role_without_admin_user_permissions]) }
|
||||
|
||||
describe 'User creation' do
|
||||
|
||||
let(:attributes) { attributes_params_for(:user) }
|
||||
|
||||
it 'responds unauthorized for customer' do
|
||||
requester = create(:customer_user)
|
||||
authenticated_as(requester)
|
||||
|
||||
expect do
|
||||
post api_v1_users_path, params: attributes
|
||||
end.to not_change {
|
||||
User.count
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(:unauthorized)
|
||||
end
|
||||
|
||||
context 'privileged attributes' do
|
||||
|
||||
context 'group assignment' do
|
||||
|
||||
# group access assignment is in general only valid for agents
|
||||
# see HasGroups.groups_access_permission?
|
||||
let(:agent_attributes) do
|
||||
attributes.merge(
|
||||
roles: Role.where(name: 'Agent').map(&:name),
|
||||
)
|
||||
end
|
||||
|
||||
shared_examples 'group assignment' do |map_method_id|
|
||||
|
||||
it 'responds success for admin.user' do
|
||||
authenticated_as(admin_with_admin_user_permissions)
|
||||
|
||||
expect do
|
||||
post api_v1_users_path, params: payload
|
||||
end.to change {
|
||||
User.count
|
||||
}.by(1)
|
||||
|
||||
expect(response).to have_http_status(:success)
|
||||
expect(User.last.send(map_method_id)).to eq(send(map_method_id))
|
||||
end
|
||||
|
||||
it 'responds unauthorized for sub admin without admin.user' do
|
||||
authenticated_as(admin_without_admin_user_permissions)
|
||||
|
||||
expect do
|
||||
post api_v1_users_path, params: payload
|
||||
end.to not_change {
|
||||
User.count
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(:unauthorized)
|
||||
end
|
||||
|
||||
it 'responds successful for agent but removes assignment' do
|
||||
requester = create(:agent_user)
|
||||
authenticated_as(requester)
|
||||
|
||||
expect do
|
||||
post api_v1_users_path, params: payload
|
||||
end.to change {
|
||||
User.count
|
||||
}.by(1)
|
||||
|
||||
expect(response).to have_http_status(:success)
|
||||
expect(User.last.send(map_method_id)).to be_blank
|
||||
end
|
||||
end
|
||||
|
||||
context 'parameter groups' do
|
||||
|
||||
let(:group_names_access_map) do
|
||||
Group.all.map { |g| [g.name, ['full']] }.to_h
|
||||
end
|
||||
|
||||
let(:payload) do
|
||||
agent_attributes.merge(
|
||||
groups: group_names_access_map,
|
||||
)
|
||||
end
|
||||
|
||||
it_behaves_like 'group assignment', :group_names_access_map
|
||||
end
|
||||
|
||||
context 'parameter group_ids' do
|
||||
|
||||
let(:group_ids_access_map) do
|
||||
Group.all.map { |g| [g.id, ['full']] }.to_h
|
||||
end
|
||||
|
||||
let(:payload) do
|
||||
agent_attributes.merge(
|
||||
group_ids: group_ids_access_map,
|
||||
)
|
||||
end
|
||||
|
||||
it_behaves_like 'group assignment', :group_ids_access_map
|
||||
end
|
||||
end
|
||||
|
||||
context 'role assignment' do
|
||||
|
||||
shared_examples 'role assignment' do
|
||||
|
||||
let(:privileged) { Role.where(name: 'Admin') }
|
||||
|
||||
it 'responds success for admin.user' do
|
||||
authenticated_as(admin_with_admin_user_permissions)
|
||||
|
||||
expect do
|
||||
post api_v1_users_path, params: payload
|
||||
end.to change {
|
||||
User.count
|
||||
}.by(1)
|
||||
|
||||
expect(response).to have_http_status(:success)
|
||||
expect(User.last.roles).to eq(privileged)
|
||||
end
|
||||
|
||||
it 'responds unauthorized for sub admin without admin.user' do
|
||||
authenticated_as(admin_without_admin_user_permissions)
|
||||
|
||||
expect do
|
||||
post api_v1_users_path, params: payload
|
||||
end.to not_change {
|
||||
User.count
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(:unauthorized)
|
||||
end
|
||||
|
||||
it 'responds successful for agent but removes assignment' do
|
||||
requester = create(:agent_user)
|
||||
authenticated_as(requester)
|
||||
|
||||
expect do
|
||||
post api_v1_users_path, params: payload
|
||||
end.to change {
|
||||
User.count
|
||||
}.by(1)
|
||||
|
||||
expect(response).to have_http_status(:success)
|
||||
expect(User.last.roles).to eq(Role.signup_roles)
|
||||
end
|
||||
end
|
||||
|
||||
context 'parameter roles' do
|
||||
let(:payload) do
|
||||
attributes.merge(
|
||||
roles: privileged.map(&:name),
|
||||
)
|
||||
end
|
||||
|
||||
it_behaves_like 'role assignment'
|
||||
end
|
||||
|
||||
context 'parameter role_ids' do
|
||||
let(:payload) do
|
||||
attributes.merge(
|
||||
role_ids: privileged.map(&:id),
|
||||
)
|
||||
end
|
||||
|
||||
it_behaves_like 'role assignment'
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'User update' do
|
||||
|
||||
def authorized_update_request(requester:, requested:)
|
||||
authenticated_as(requester)
|
||||
|
||||
expect do
|
||||
put api_v1_update_user_path(requested), params: cleaned_params_for(requested).merge(firstname: 'Changed')
|
||||
end.to change {
|
||||
requested.reload.firstname
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(:success)
|
||||
end
|
||||
|
||||
def unauthorized_update_request(requester:, requested:)
|
||||
authenticated_as(requester)
|
||||
|
||||
expect do
|
||||
put api_v1_update_user_path(requested), params: cleaned_params_for(requested).merge(firstname: 'Changed')
|
||||
end.to not_change {
|
||||
requested.reload.attributes
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(:unauthorized)
|
||||
end
|
||||
|
||||
context 'request by admin.user' do
|
||||
|
||||
let(:requester) { admin_with_admin_user_permissions }
|
||||
|
||||
it 'is successful for same admin' do
|
||||
authorized_update_request(
|
||||
requester: requester,
|
||||
requested: requester,
|
||||
)
|
||||
end
|
||||
|
||||
it 'is successful for other admin' do
|
||||
authorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:admin_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is successful for agent' do
|
||||
authorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:agent_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is successful for customer' do
|
||||
authorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user),
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'request by sub admin without admin.user' do
|
||||
|
||||
let(:requester) { admin_without_admin_user_permissions }
|
||||
|
||||
it 'is unauthorized for same admin' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: requester,
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for other admin' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:admin_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for agent' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:agent_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for customer' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user),
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'request by agent' do
|
||||
|
||||
let(:requester) { create(:agent_user) }
|
||||
|
||||
it 'is unauthorized for admin' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:admin_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized same agent' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: requester,
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for other agent' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:agent_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is successful for customer' do
|
||||
authorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user),
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'request by customer' do
|
||||
|
||||
let(:requester) { create(:customer_user) }
|
||||
|
||||
it 'is unauthorized for admin' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:admin_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for agent' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:agent_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for same customer' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: requester,
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for other customer' do
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for same organization' do
|
||||
same_organization = create(:organization)
|
||||
|
||||
requester.update!(organization: same_organization)
|
||||
|
||||
unauthorized_update_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user, organization: same_organization),
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'privileged attributes' do
|
||||
|
||||
let(:requested) { create(:user) }
|
||||
let(:attribute) { privileged.keys.first }
|
||||
let(:payload) { cleaned_params_for(requested).merge(privileged) }
|
||||
|
||||
def value_of_attribute
|
||||
# we need to call .to_a otherwise Rails will load the
|
||||
# ActiveRecord::Associations::CollectionProxy
|
||||
# on comparsion which is to late
|
||||
requested.reload.public_send(attribute).to_a
|
||||
end
|
||||
|
||||
shared_examples 'admin types requests' do
|
||||
|
||||
it 'responds success for admin.user' do
|
||||
authenticated_as(admin_with_admin_user_permissions)
|
||||
|
||||
expect do
|
||||
put api_v1_update_user_path(requested), params: payload
|
||||
end.to change {
|
||||
value_of_attribute
|
||||
}
|
||||
expect(response).to have_http_status(:success)
|
||||
end
|
||||
|
||||
it 'responds unauthorized for sub admin without admin.user' do
|
||||
authenticated_as(admin_without_admin_user_permissions)
|
||||
|
||||
expect do
|
||||
put api_v1_update_user_path(requested), params: payload
|
||||
end.to not_change {
|
||||
value_of_attribute
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(:unauthorized)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'permitted agent update' do
|
||||
|
||||
it 'responds successful for agent but removes assignment' do
|
||||
requester = create(:agent_user)
|
||||
authenticated_as(requester)
|
||||
|
||||
expect do
|
||||
put api_v1_update_user_path(requested), params: payload
|
||||
end.to change {
|
||||
value_of_attribute
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(:success)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'forbidden agent update' do
|
||||
|
||||
it 'responds successful for agent but removes assignment' do
|
||||
requester = create(:agent_user)
|
||||
authenticated_as(requester)
|
||||
|
||||
expect do
|
||||
put api_v1_update_user_path(requested), params: payload
|
||||
end.to not_change {
|
||||
value_of_attribute
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(:success)
|
||||
end
|
||||
end
|
||||
|
||||
context 'group assignment' do
|
||||
|
||||
context 'parameter groups' do
|
||||
|
||||
let(:privileged) do
|
||||
{
|
||||
groups: Group.all.map { |g| [g.name, ['full']] }.to_h
|
||||
}
|
||||
end
|
||||
|
||||
it_behaves_like 'admin types requests'
|
||||
it_behaves_like 'forbidden agent update'
|
||||
end
|
||||
|
||||
context 'parameter group_ids' do
|
||||
|
||||
let(:privileged) do
|
||||
{
|
||||
group_ids: Group.all.map { |g| [g.id, ['full']] }.to_h
|
||||
}
|
||||
end
|
||||
|
||||
it_behaves_like 'admin types requests'
|
||||
it_behaves_like 'forbidden agent update'
|
||||
end
|
||||
end
|
||||
|
||||
context 'role assignment' do
|
||||
|
||||
let(:admin_role) { Role.where(name: 'Admin') }
|
||||
|
||||
context 'parameter roles' do
|
||||
let(:privileged) do
|
||||
{
|
||||
roles: admin_role.map(&:name),
|
||||
}
|
||||
end
|
||||
|
||||
it_behaves_like 'admin types requests'
|
||||
it_behaves_like 'forbidden agent update'
|
||||
end
|
||||
|
||||
context 'parameter role_ids' do
|
||||
let(:privileged) do
|
||||
{
|
||||
role_ids: admin_role.map(&:id),
|
||||
}
|
||||
end
|
||||
|
||||
it_behaves_like 'admin types requests'
|
||||
it_behaves_like 'forbidden agent update'
|
||||
end
|
||||
end
|
||||
|
||||
context 'organization assignment' do
|
||||
|
||||
let(:new_organizations) { create_list(:organization, 2) }
|
||||
|
||||
context 'parameter organizations' do
|
||||
let(:privileged) do
|
||||
{
|
||||
organizations: new_organizations.map(&:name),
|
||||
}
|
||||
end
|
||||
|
||||
it_behaves_like 'admin types requests'
|
||||
it_behaves_like 'permitted agent update'
|
||||
end
|
||||
|
||||
context 'parameter organization_ids' do
|
||||
let(:privileged) do
|
||||
{
|
||||
organization_ids: new_organizations.map(&:id),
|
||||
}
|
||||
end
|
||||
|
||||
it_behaves_like 'admin types requests'
|
||||
it_behaves_like 'permitted agent update'
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'User deletion' do
|
||||
|
||||
def authorized_destroy_request(requester:, requested:)
|
||||
authenticated_as(requester)
|
||||
|
||||
delete api_v1_delete_user_path(requested)
|
||||
|
||||
expect(response).to have_http_status(:success)
|
||||
expect(requested).not_to exist_in_database
|
||||
end
|
||||
|
||||
def unauthorized_destroy_request(requester:, requested:)
|
||||
authenticated_as(requester)
|
||||
|
||||
delete api_v1_delete_user_path(requested)
|
||||
|
||||
expect(response).to have_http_status(:unauthorized)
|
||||
expect(requested).to exist_in_database
|
||||
end
|
||||
|
||||
context 'request by admin.user' do
|
||||
|
||||
let(:requester) { admin_with_admin_user_permissions }
|
||||
|
||||
it 'is successful for same admin' do
|
||||
authorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: requester,
|
||||
)
|
||||
end
|
||||
|
||||
it 'is successful for other admin' do
|
||||
authorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:admin_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is successful for agent' do
|
||||
authorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:agent_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is successful for customer' do
|
||||
authorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user),
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'request by sub admin without admin.user' do
|
||||
|
||||
let(:requester) { admin_without_admin_user_permissions }
|
||||
|
||||
it 'is unauthorized for same admin' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: requester,
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for other admin' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:admin_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for agent' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:agent_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for customer' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user),
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'request by agent' do
|
||||
|
||||
let(:requester) { create(:agent_user) }
|
||||
|
||||
it 'is unauthorized for admin' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:admin_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized same agent' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: requester,
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for other agent' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:agent_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for customer' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user),
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
context 'request by customer' do
|
||||
|
||||
let(:requester) { create(:customer_user) }
|
||||
|
||||
it 'is unauthorized for admin' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:admin_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for agent' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:agent_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for same customer' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: requester,
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for other customer' do
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user),
|
||||
)
|
||||
end
|
||||
|
||||
it 'is unauthorized for same organization' do
|
||||
same_organization = create(:organization)
|
||||
|
||||
requester.update!(organization: same_organization)
|
||||
|
||||
unauthorized_destroy_request(
|
||||
requester: requester,
|
||||
requested: create(:customer_user, organization: same_organization),
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
File diff suppressed because it is too large
Load diff
|
@ -51,16 +51,38 @@ module ZammadSpecSupportRequest
|
|||
# @example
|
||||
# authenticated_as(some_admin_user)
|
||||
#
|
||||
# @example
|
||||
# authenticated_as(some_admin_user, on_behalf_of: customer_user)
|
||||
#
|
||||
# @example
|
||||
# authenticated_as(some_admin_user, password: 'wrongpw')
|
||||
#
|
||||
# @example
|
||||
# authenticated_as(some_admin_user, password: 'wrongpw', token: create(:token, action: 'api', user_id: some_admin_user.id) )
|
||||
#
|
||||
# @example
|
||||
# authenticated_as(nil, login: 'not_existing', password: 'wrongpw' )
|
||||
#
|
||||
# @return nil
|
||||
def authenticated_as(user)
|
||||
def authenticated_as(user, login: nil, password: nil, token: nil, on_behalf_of: nil)
|
||||
password ||= user.password
|
||||
login ||= user.login
|
||||
|
||||
# mock authentication otherwise login won't
|
||||
# if user has no password (which is expensive to create)
|
||||
if user.password.nil?
|
||||
allow(User).to receive(:authenticate).with(user.login, '').and_return(user)
|
||||
if password.nil?
|
||||
allow(User).to receive(:authenticate).with(login, '').and_return(user)
|
||||
end
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials(user.login, user.password)
|
||||
add_headers('Authorization' => credentials)
|
||||
# if we want to authenticate by token
|
||||
if token.present?
|
||||
credentials = "Token token=#{token.name}"
|
||||
|
||||
return add_headers('Authorization' => credentials)
|
||||
end
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials(login, password)
|
||||
add_headers('Authorization' => credentials, 'X-On-Behalf-Of' => on_behalf_of)
|
||||
end
|
||||
|
||||
# Provides a Hash of attributes for the given FactoryBot
|
||||
|
@ -106,4 +128,8 @@ end
|
|||
|
||||
RSpec.configure do |config|
|
||||
config.include ZammadSpecSupportRequest, type: :request
|
||||
|
||||
config.before(:each, type: :request) do
|
||||
Setting.set('system_init_done', true)
|
||||
end
|
||||
end
|
||||
|
|
56
spec/support/searchindex_backend.rb
Normal file
56
spec/support/searchindex_backend.rb
Normal file
|
@ -0,0 +1,56 @@
|
|||
require 'rake'
|
||||
|
||||
module SearchindexBackendHelper
|
||||
|
||||
def configure_elasticsearch(required: false)
|
||||
if ENV['ES_URL'].blank?
|
||||
return if !required
|
||||
raise "ERROR: Need ES_URL - hint ES_URL='http://127.0.0.1:9200'"
|
||||
end
|
||||
|
||||
Setting.set('es_url', ENV['ES_URL'])
|
||||
|
||||
# Setting.set('es_url', 'http://127.0.0.1:9200')
|
||||
# Setting.set('es_index', 'estest.local_zammad')
|
||||
# Setting.set('es_user', 'elasticsearch')
|
||||
# Setting.set('es_password', 'zammad')
|
||||
|
||||
if ENV['ES_INDEX_RAND'].present?
|
||||
rand_id = ENV.fetch('CI_JOB_ID', "r#{rand(999)}")
|
||||
test_method_name = subject.gsub(/[^\w]/, '_')
|
||||
ENV['ES_INDEX'] = "es_index_#{test_method_name}_#{rand_id}_#{rand(999_999_999)}"
|
||||
end
|
||||
if ENV['ES_INDEX'].blank?
|
||||
raise "ERROR: Need ES_INDEX - hint ES_INDEX='estest.local_zammad'"
|
||||
end
|
||||
Setting.set('es_index', ENV['ES_INDEX'])
|
||||
|
||||
# set max attachment size in mb
|
||||
Setting.set('es_attachment_max_size_in_mb', 1)
|
||||
|
||||
yield if block_given?
|
||||
end
|
||||
|
||||
def rebuild_searchindex
|
||||
Rake::Task.clear
|
||||
Zammad::Application.load_tasks
|
||||
Rake::Task['searchindex:rebuild'].execute
|
||||
end
|
||||
|
||||
def self.included(base)
|
||||
|
||||
# Execute in RSpec class context
|
||||
base.class_exec do
|
||||
|
||||
after(:each) do
|
||||
next if ENV['ES_URL'].blank?
|
||||
|
||||
Rake::Task['searchindex:drop'].execute
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
RSpec.configure do |config|
|
||||
config.include SearchindexBackendHelper, searchindex: true
|
||||
end
|
|
@ -1,443 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class ApiAuthControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'api-admin',
|
||||
firstname: 'API',
|
||||
lastname: 'Admin',
|
||||
email: 'api-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'api-agent@example.com',
|
||||
firstname: 'API',
|
||||
lastname: 'Agent',
|
||||
email: 'api-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer = User.create!(
|
||||
login: 'api-customer1@example.com',
|
||||
firstname: 'API',
|
||||
lastname: 'Customer1',
|
||||
email: 'api-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test 'basic auth - admin' do
|
||||
|
||||
admin_credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-admin@example.com', 'adminpw')
|
||||
|
||||
Setting.set('api_password_access', false)
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('API password access disabled!', result['error'])
|
||||
|
||||
Setting.set('api_password_access', true)
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
assert_equal('*', @response.header['Access-Control-Allow-Origin'])
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
end
|
||||
|
||||
test 'basic auth - agent' do
|
||||
|
||||
agent_credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-agent@example.com', 'agentpw')
|
||||
|
||||
Setting.set('api_password_access', false)
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => agent_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('API password access disabled!', result['error'])
|
||||
|
||||
Setting.set('api_password_access', true)
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => agent_credentials)
|
||||
assert_response(200)
|
||||
assert_equal('*', @response.header['Access-Control-Allow-Origin'])
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
end
|
||||
|
||||
test 'basic auth - customer' do
|
||||
|
||||
customer_credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-customer1@example.com', 'customer1pw')
|
||||
|
||||
Setting.set('api_password_access', false)
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => customer_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('API password access disabled!', result['error'])
|
||||
|
||||
Setting.set('api_password_access', true)
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => customer_credentials)
|
||||
assert_response(200)
|
||||
assert_equal('*', @response.header['Access-Control-Allow-Origin'])
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
end
|
||||
|
||||
test 'token auth - admin' do
|
||||
|
||||
admin_token = Token.create(
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: @admin.id,
|
||||
preferences: {
|
||||
permission: ['admin.session'],
|
||||
},
|
||||
)
|
||||
admin_credentials = "Token token=#{admin_token.name}"
|
||||
|
||||
Setting.set('api_token_access', false)
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('API token access disabled!', result['error'])
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
assert_equal('*', @response.header['Access-Control-Allow-Origin'])
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
|
||||
admin_token.preferences[:permission] = ['admin.session_not_existing']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Not authorized (token)!', result['error'])
|
||||
|
||||
admin_token.preferences[:permission] = []
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Not authorized (token)!', result['error'])
|
||||
|
||||
@admin.active = false
|
||||
@admin.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('User is inactive!', result['error'])
|
||||
|
||||
admin_token.preferences[:permission] = ['admin.session']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('User is inactive!', result['error'])
|
||||
|
||||
@admin.active = true
|
||||
@admin.save!
|
||||
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
|
||||
get '/api/v1/roles', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Not authorized (token)!', result['error'])
|
||||
|
||||
admin_token.preferences[:permission] = ['admin.session_not_existing', 'admin.role']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/roles', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
admin_token.preferences[:permission] = ['ticket.agent']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }.to_json, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(name, result['name'])
|
||||
assert(result)
|
||||
|
||||
name = "some org name #{rand(999_999_999)} - 2"
|
||||
put "/api/v1/organizations/#{result['id']}", params: { name: name }.to_json, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(name, result['name'])
|
||||
assert(result)
|
||||
|
||||
admin_token.preferences[:permission] = ['admin.organization']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }.to_json, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(name, result['name'])
|
||||
assert(result)
|
||||
|
||||
name = "some org name #{rand(999_999_999)} - 2"
|
||||
put "/api/v1/organizations/#{result['id']}", params: { name: name }.to_json, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(name, result['name'])
|
||||
assert(result)
|
||||
|
||||
admin_token.preferences[:permission] = ['admin']
|
||||
admin_token.save!
|
||||
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }.to_json, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(name, result['name'])
|
||||
assert(result)
|
||||
|
||||
name = "some org name #{rand(999_999_999)} - 2"
|
||||
put "/api/v1/organizations/#{result['id']}", params: { name: name }.to_json, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(name, result['name'])
|
||||
assert(result)
|
||||
|
||||
end
|
||||
|
||||
test 'token auth - agent' do
|
||||
|
||||
agent_token = Token.create(
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: @agent.id,
|
||||
)
|
||||
agent_credentials = "Token token=#{agent_token.name}"
|
||||
|
||||
Setting.set('api_token_access', false)
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => agent_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('API token access disabled!', result['error'])
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => agent_credentials)
|
||||
assert_response(200)
|
||||
assert_equal('*', @response.header['Access-Control-Allow-Origin'])
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => agent_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }.to_json, headers: @headers.merge('Authorization' => agent_credentials)
|
||||
assert_response(401)
|
||||
|
||||
end
|
||||
|
||||
test 'token auth - customer' do
|
||||
|
||||
customer_token = Token.create(
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: @customer.id,
|
||||
)
|
||||
customer_credentials = "Token token=#{customer_token.name}"
|
||||
|
||||
Setting.set('api_token_access', false)
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => customer_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('API token access disabled!', result['error'])
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => customer_credentials)
|
||||
assert_equal('*', @response.header['Access-Control-Allow-Origin'])
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => customer_credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
name = "some org name #{rand(999_999_999)}"
|
||||
post '/api/v1/organizations', params: { name: name }.to_json, headers: @headers.merge('Authorization' => customer_credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'token auth - invalid user - admin' do
|
||||
|
||||
admin_token = Token.create(
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: @admin.id,
|
||||
)
|
||||
admin_credentials = "Token token=#{admin_token.name}"
|
||||
|
||||
@admin.active = false
|
||||
@admin.save!
|
||||
|
||||
Setting.set('api_token_access', false)
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('API token access disabled!', result['error'])
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
get '/api/v1/sessions', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('User is inactive!', result['error'])
|
||||
end
|
||||
|
||||
test 'token auth - expired' do
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
|
||||
admin_token = Token.create(
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: @admin.id,
|
||||
expires_at: Time.zone.today
|
||||
)
|
||||
admin_credentials = "Token token=#{admin_token.name}"
|
||||
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Not authorized (token expired)!', result['error'])
|
||||
|
||||
admin_token.reload
|
||||
assert_in_delta(admin_token.last_used_at, Time.zone.now, 1.second)
|
||||
end
|
||||
|
||||
test 'token auth - not expired' do
|
||||
|
||||
Setting.set('api_token_access', true)
|
||||
|
||||
admin_token = Token.create(
|
||||
action: 'api',
|
||||
persistent: true,
|
||||
user_id: @admin.id,
|
||||
expires_at: Time.zone.tomorrow
|
||||
)
|
||||
admin_credentials = "Token token=#{admin_token.name}"
|
||||
|
||||
get '/api/v1/tickets', params: {}, headers: @headers.merge('Authorization' => admin_credentials)
|
||||
assert_response(200)
|
||||
assert_equal('*', @response.header['Access-Control-Allow-Origin'])
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
|
||||
admin_token.reload
|
||||
assert_in_delta(admin_token.last_used_at, Time.zone.now, 1.second)
|
||||
end
|
||||
|
||||
test 'session auth - admin' do
|
||||
|
||||
post '/api/v1/signin', params: { username: 'api-admin@example.com', password: 'adminpw', fingerprint: '123456789' }
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
assert_response(201)
|
||||
|
||||
get '/api/v1/sessions', params: {}
|
||||
assert_response(200)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
end
|
||||
end
|
|
@ -1,231 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class ApiAuthControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'api-admin-auth-behalf',
|
||||
firstname: 'API',
|
||||
lastname: 'Admin',
|
||||
email: 'api-admin-auth-behalf@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer = User.create!(
|
||||
login: 'api-customer1-auth-behalf@example.com',
|
||||
firstname: 'API',
|
||||
lastname: 'Customer1',
|
||||
email: 'api-customer1-auth-behalf@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test 'X-On-Behalf-Of auth - ticket create admin for customer by id' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-admin-auth-behalf@example.com', 'adminpw')
|
||||
|
||||
ticket_create_headers = @headers.merge(
|
||||
'Authorization' => credentials,
|
||||
'X-On-Behalf-Of' => @customer.id,
|
||||
)
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: @customer.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: ticket_create_headers
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(result['created_by_id'], @customer.id)
|
||||
end
|
||||
|
||||
test 'X-On-Behalf-Of auth - ticket create admin for customer by login' do
|
||||
ActivityStream.cleanup(1.year)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-admin-auth-behalf@example.com', 'adminpw')
|
||||
|
||||
ticket_create_headers = @headers.merge(
|
||||
'Authorization' => credentials,
|
||||
'X-On-Behalf-Of' => @customer.login,
|
||||
)
|
||||
admin_headers = @headers.merge(
|
||||
'Authorization' => credentials,
|
||||
)
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: @customer.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: ticket_create_headers
|
||||
assert_response(201)
|
||||
result_ticket_create = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result_ticket_create.class)
|
||||
assert_equal(result_ticket_create['created_by_id'], @customer.id)
|
||||
|
||||
get '/api/v1/activity_stream?full=true', params: {}, headers: admin_headers
|
||||
assert_response(200)
|
||||
result_activity_stream = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result_activity_stream.class)
|
||||
|
||||
ticket_created = nil
|
||||
result_activity_stream['record_ids'].each do |record_id|
|
||||
activity_stream = ActivityStream.find(record_id)
|
||||
next if activity_stream.object.name != 'Ticket'
|
||||
next if activity_stream.o_id != result_ticket_create['id']
|
||||
ticket_created = activity_stream
|
||||
end
|
||||
|
||||
assert(ticket_created)
|
||||
assert_equal(ticket_created.created_by_id, @customer.id)
|
||||
|
||||
get '/api/v1/activity_stream', params: {}, headers: admin_headers
|
||||
assert_response(200)
|
||||
result_activity_stream = JSON.parse(@response.body)
|
||||
assert_equal(Array, result_activity_stream.class)
|
||||
|
||||
ticket_created = nil
|
||||
result_activity_stream.each do |record|
|
||||
activity_stream = ActivityStream.find(record['id'])
|
||||
next if activity_stream.object.name != 'Ticket'
|
||||
next if activity_stream.o_id != result_ticket_create['id']
|
||||
ticket_created = activity_stream
|
||||
end
|
||||
|
||||
assert(ticket_created)
|
||||
assert_equal(ticket_created.created_by_id, @customer.id)
|
||||
|
||||
end
|
||||
|
||||
test 'X-On-Behalf-Of auth - ticket create admin for customer by email' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-admin-auth-behalf@example.com', 'adminpw')
|
||||
|
||||
ticket_create_headers = @headers.merge(
|
||||
'Authorization' => credentials,
|
||||
'X-On-Behalf-Of' => @customer.email,
|
||||
)
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: @customer.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: ticket_create_headers
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(result['created_by_id'], @customer.id)
|
||||
end
|
||||
|
||||
test 'X-On-Behalf-Of auth - ticket create admin for unknown' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-admin-auth-behalf@example.com', 'adminpw')
|
||||
|
||||
ticket_create_headers = @headers.merge(
|
||||
'Authorization' => credentials,
|
||||
'X-On-Behalf-Of' => 99_449_494_949,
|
||||
)
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: @customer.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: ticket_create_headers
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal("No such user '99449494949'", result['error'])
|
||||
end
|
||||
|
||||
test 'X-On-Behalf-Of auth - ticket create customer for admin' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-customer1-auth-behalf@example.com', 'customer1pw')
|
||||
|
||||
ticket_create_headers = @headers.merge(
|
||||
'Authorization' => credentials,
|
||||
'X-On-Behalf-Of' => @admin.email,
|
||||
)
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: 'Users',
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: @customer.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: ticket_create_headers
|
||||
assert_response(401)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal("Current user has no permission to use 'X-On-Behalf-Of'!", result['error'])
|
||||
end
|
||||
|
||||
test 'X-On-Behalf-Of auth - ticket create admin for customer by email but no permitted action' do
|
||||
group_secret = Group.new(name: 'secret1234')
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('api-admin-auth-behalf@example.com', 'adminpw')
|
||||
|
||||
ticket_create_headers = @headers.merge(
|
||||
'Authorization' => credentials,
|
||||
'X-On-Behalf-Of' => @customer.email,
|
||||
)
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #3',
|
||||
group: group_secret.name,
|
||||
priority: '2 normal',
|
||||
state: 'new',
|
||||
customer_id: @customer.id,
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: ticket_create_headers
|
||||
assert_response(422)
|
||||
assert_not(@response.header.key?('Access-Control-Allow-Origin'))
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('No lookup value found for \'group\': "secret1234"', result['error'])
|
||||
end
|
||||
end
|
|
@ -1,121 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class BasicControllerTest < ActionDispatch::IntegrationTest
|
||||
|
||||
test 'json requests' do
|
||||
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# 404
|
||||
get '/not_existing_url', params: {}, headers: @headers
|
||||
assert_response(404)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'], 'No route matches [GET] /not_existing_url')
|
||||
|
||||
# 401
|
||||
get '/api/v1/organizations', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'], 'authentication failed')
|
||||
|
||||
# 422
|
||||
get '/tests/unprocessable_entity', params: {}, headers: @headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'], 'some error message')
|
||||
|
||||
# 401
|
||||
get '/tests/not_authorized', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'], 'some error message')
|
||||
|
||||
# 401
|
||||
get '/tests/ar_not_found', params: {}, headers: @headers
|
||||
assert_response(404)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'], 'some error message')
|
||||
|
||||
# 500
|
||||
get '/tests/standard_error', params: {}, headers: @headers
|
||||
assert_response(500)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'], 'some error message')
|
||||
|
||||
# 422
|
||||
get '/tests/argument_error', params: {}, headers: @headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'], 'some error message')
|
||||
|
||||
end
|
||||
|
||||
test 'html requests' do
|
||||
|
||||
# 404
|
||||
get '/not_existing_url', params: {}, headers: @headers
|
||||
assert_response(404)
|
||||
assert_match(/<html/, @response.body)
|
||||
assert_match(%r{<title>404: Not Found</title>}, @response.body)
|
||||
assert_match(%r{<h1>404: Requested Ressource was not found.</h1>}, @response.body)
|
||||
assert_match(%r{No route matches \[GET\] /not_existing_url}, @response.body)
|
||||
|
||||
# 401
|
||||
get '/api/v1/organizations', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
assert_match(/<html/, @response.body)
|
||||
assert_match(%r{<title>401: Unauthorized</title>}, @response.body)
|
||||
assert_match(%r{<h1>401: Unauthorized</h1>}, @response.body)
|
||||
assert_match(/authentication failed/, @response.body)
|
||||
|
||||
# 422
|
||||
get '/tests/unprocessable_entity', params: {}, headers: @headers
|
||||
assert_response(422)
|
||||
assert_match(/<html/, @response.body)
|
||||
assert_match(%r{<title>422: Unprocessable Entity</title>}, @response.body)
|
||||
assert_match(%r{<h1>422: The change you wanted was rejected.</h1>}, @response.body)
|
||||
assert_match(/some error message/, @response.body)
|
||||
|
||||
# 401
|
||||
get '/tests/not_authorized', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
assert_match(/<html/, @response.body)
|
||||
assert_match(%r{<title>401: Unauthorized</title>}, @response.body)
|
||||
assert_match(%r{<h1>401: Unauthorized</h1>}, @response.body)
|
||||
assert_match(/some error message/, @response.body)
|
||||
|
||||
# 401
|
||||
get '/tests/ar_not_found', params: {}, headers: @headers
|
||||
assert_response(404)
|
||||
assert_match(/<html/, @response.body)
|
||||
assert_match(%r{<title>404: Not Found</title>}, @response.body)
|
||||
assert_match(%r{<h1>404: Requested Ressource was not found.</h1>}, @response.body)
|
||||
assert_match(/some error message/, @response.body)
|
||||
|
||||
# 500
|
||||
get '/tests/standard_error', params: {}, headers: @headers
|
||||
assert_response(500)
|
||||
assert_match(/<html/, @response.body)
|
||||
assert_match(%r{<title>500: Something went wrong</title>}, @response.body)
|
||||
assert_match(%r{<h1>500: We're sorry, but something went wrong.</h1>}, @response.body)
|
||||
assert_match(/some error message/, @response.body)
|
||||
|
||||
# 422
|
||||
get '/tests/argument_error', params: {}, headers: @headers
|
||||
assert_response(422)
|
||||
assert_match(/<html/, @response.body)
|
||||
assert_match(%r{<title>422: Unprocessable Entity</title>}, @response.body)
|
||||
assert_match(%r{<h1>422: The change you wanted was rejected.</h1>}, @response.body)
|
||||
assert_match(/some error message/, @response.body)
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,90 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class CalendarControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'calendar-admin',
|
||||
firstname: 'Packages',
|
||||
lastname: 'Admin',
|
||||
email: 'calendar-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test '01 calendar index with nobody' do
|
||||
|
||||
get '/api/v1/calendars', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
get '/api/v1/calendars_init', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test '02 calendar index with admin' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('calendar-admin@example.com', 'adminpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/calendars', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
assert_equal(1, result.count)
|
||||
|
||||
get '/api/v1/calendars?expand=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
assert_equal(1, result.count)
|
||||
|
||||
get '/api/v1/calendars?full=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert(result['record_ids'])
|
||||
assert_equal(1, result['record_ids'].count)
|
||||
assert(result['assets'])
|
||||
assert(result['assets'].present?)
|
||||
|
||||
# index
|
||||
get '/api/v1/calendars_init', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result['record_ids'])
|
||||
assert(result['ical_feeds'])
|
||||
assert_equal('Denmark', result['ical_feeds']['http://www.google.com/calendar/ical/da.danish%23holiday%40group.v.calendar.google.com/public/basic.ics'])
|
||||
assert_equal('Austria', result['ical_feeds']['http://www.google.com/calendar/ical/de.austrian%23holiday%40group.v.calendar.google.com/public/basic.ics'])
|
||||
assert(result['timezones'])
|
||||
assert_equal(2, result['timezones']['Africa/Johannesburg'])
|
||||
assert_equal(-8, result['timezones']['America/Sitka'])
|
||||
assert(result['assets'])
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,90 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class CalendarsControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'calendar-admin',
|
||||
firstname: 'Packages',
|
||||
lastname: 'Admin',
|
||||
email: 'calendar-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test '01 calendar index with nobody' do
|
||||
|
||||
get '/api/v1/calendars', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
get '/api/v1/calendars_init', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test '02 calendar index with admin' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('calendar-admin@example.com', 'adminpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/calendars', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
assert_equal(1, result.count)
|
||||
|
||||
get '/api/v1/calendars?expand=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
assert_equal(1, result.count)
|
||||
|
||||
get '/api/v1/calendars?full=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert(result['record_ids'])
|
||||
assert_equal(1, result['record_ids'].count)
|
||||
assert(result['assets'])
|
||||
assert(result['assets'].present?)
|
||||
|
||||
# index
|
||||
get '/api/v1/calendars_init', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result['record_ids'])
|
||||
assert(result['ical_feeds'])
|
||||
assert_equal('Denmark', result['ical_feeds']['http://www.google.com/calendar/ical/da.danish%23holiday%40group.v.calendar.google.com/public/basic.ics'])
|
||||
assert_equal('Austria', result['ical_feeds']['http://www.google.com/calendar/ical/de.austrian%23holiday%40group.v.calendar.google.com/public/basic.ics'])
|
||||
assert(result['timezones'])
|
||||
assert_equal(2, result['timezones']['Africa/Johannesburg'])
|
||||
assert_equal(-8, result['timezones']['America/Sitka'])
|
||||
assert(result['assets'])
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,244 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class FormControllerTest < ActionDispatch::IntegrationTest
|
||||
include SearchindexHelper
|
||||
|
||||
setup do
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json', 'REMOTE_ADDR' => '1.2.3.4' }
|
||||
|
||||
configure_elasticsearch
|
||||
|
||||
Ticket.destroy_all
|
||||
|
||||
rebuild_searchindex
|
||||
end
|
||||
|
||||
test '01 - get config call' do
|
||||
post '/api/v1/form_config', params: {}.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['error'], 'Not authorized')
|
||||
end
|
||||
|
||||
test '02 - get config call' do
|
||||
Setting.set('form_ticket_create', true)
|
||||
post '/api/v1/form_config', params: {}.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['error'], 'Not authorized')
|
||||
|
||||
end
|
||||
|
||||
test '03 - get config call & do submit' do
|
||||
Setting.set('form_ticket_create', true)
|
||||
fingerprint = SecureRandom.hex(40)
|
||||
post '/api/v1/form_config', params: { fingerprint: fingerprint }.to_json, headers: @headers
|
||||
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['enabled'], true)
|
||||
assert_equal(result['endpoint'], 'http://zammad.example.com/api/v1/form_submit')
|
||||
assert(result['token'])
|
||||
token = result['token']
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: 'invalid' }.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['error'], 'Not authorized')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token }.to_json, headers: @headers
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert(result['errors'])
|
||||
assert_equal(result['errors']['name'], 'required')
|
||||
assert_equal(result['errors']['email'], 'required')
|
||||
assert_equal(result['errors']['title'], 'required')
|
||||
assert_equal(result['errors']['body'], 'required')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, email: 'some' }.to_json, headers: @headers
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert(result['errors'])
|
||||
assert_equal(result['errors']['name'], 'required')
|
||||
assert_equal(result['errors']['email'], 'invalid')
|
||||
assert_equal(result['errors']['title'], 'required')
|
||||
assert_equal(result['errors']['body'], 'required')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test', body: 'hello' }.to_json, headers: @headers
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert_not(result['errors'])
|
||||
assert(result['ticket'])
|
||||
assert(result['ticket']['id'])
|
||||
assert(result['ticket']['number'])
|
||||
|
||||
travel 5.hours
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test', body: 'hello' }.to_json, headers: @headers
|
||||
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert_not(result['errors'])
|
||||
assert(result['ticket'])
|
||||
assert(result['ticket']['id'])
|
||||
assert(result['ticket']['number'])
|
||||
|
||||
travel 20.hours
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test', body: 'hello' }.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
|
||||
end
|
||||
|
||||
test '04 - get config call & do submit' do
|
||||
Setting.set('form_ticket_create', true)
|
||||
fingerprint = SecureRandom.hex(40)
|
||||
post '/api/v1/form_config', params: { fingerprint: fingerprint }.to_json, headers: @headers
|
||||
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['enabled'], true)
|
||||
assert_equal(result['endpoint'], 'http://zammad.example.com/api/v1/form_submit')
|
||||
assert(result['token'])
|
||||
token = result['token']
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: 'invalid' }.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['error'], 'Not authorized')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token }.to_json, headers: @headers
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert(result['errors'])
|
||||
assert_equal(result['errors']['name'], 'required')
|
||||
assert_equal(result['errors']['email'], 'required')
|
||||
assert_equal(result['errors']['title'], 'required')
|
||||
assert_equal(result['errors']['body'], 'required')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, email: 'some' }.to_json, headers: @headers
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert(result['errors'])
|
||||
assert_equal(result['errors']['name'], 'required')
|
||||
assert_equal(result['errors']['email'], 'invalid')
|
||||
assert_equal(result['errors']['title'], 'required')
|
||||
assert_equal(result['errors']['body'], 'required')
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'somebody@example.com', title: 'test', body: 'hello' }.to_json, headers: @headers
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert(result['errors'])
|
||||
assert_equal(result['errors']['email'], 'invalid')
|
||||
|
||||
end
|
||||
|
||||
test '05 - limits' do
|
||||
return if !SearchIndexBackend.enabled?
|
||||
|
||||
Setting.set('form_ticket_create', true)
|
||||
fingerprint = SecureRandom.hex(40)
|
||||
post '/api/v1/form_config', params: { fingerprint: fingerprint }.to_json, headers: @headers
|
||||
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['enabled'], true)
|
||||
assert_equal(result['endpoint'], 'http://zammad.example.com/api/v1/form_submit')
|
||||
assert(result['token'])
|
||||
token = result['token']
|
||||
|
||||
(1..20).each do |count|
|
||||
travel 10.seconds
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: "test#{count}", body: 'hello' }.to_json, headers: @headers
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert_not(result['errors'])
|
||||
assert(result['ticket'])
|
||||
assert(result['ticket']['id'])
|
||||
assert(result['ticket']['number'])
|
||||
Scheduler.worker(true)
|
||||
sleep 1 # wait until elasticsearch is index
|
||||
end
|
||||
|
||||
sleep 10 # wait until elasticsearch is index
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test-last', body: 'hello' }.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'])
|
||||
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json', 'REMOTE_ADDR' => '1.2.3.5' }
|
||||
|
||||
(1..20).each do |count|
|
||||
travel 10.seconds
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: "test-2-#{count}", body: 'hello' }.to_json, headers: @headers
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
|
||||
assert_not(result['errors'])
|
||||
assert(result['ticket'])
|
||||
assert(result['ticket']['id'])
|
||||
assert(result['ticket']['number'])
|
||||
Scheduler.worker(true)
|
||||
sleep 1 # wait until elasticsearch is index
|
||||
end
|
||||
|
||||
sleep 10 # wait until elasticsearch is index
|
||||
|
||||
post '/api/v1/form_submit', params: { fingerprint: fingerprint, token: token, name: 'Bob Smith', email: 'discard@znuny.com', title: 'test-2-last', body: 'hello' }.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'])
|
||||
end
|
||||
|
||||
test '06 - customer_ticket_create false disables form' do
|
||||
Setting.set('form_ticket_create', false)
|
||||
Setting.set('customer_ticket_create', true)
|
||||
|
||||
fingerprint = SecureRandom.hex(40)
|
||||
|
||||
post '/api/v1/form_config', params: { fingerprint: fingerprint }.to_json, headers: @headers
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
token = result['token']
|
||||
params = {
|
||||
fingerprint: fingerprint,
|
||||
token: token,
|
||||
name: 'Bob Smith',
|
||||
email: 'discard@znuny.com',
|
||||
title: 'test',
|
||||
body: 'hello'
|
||||
}
|
||||
|
||||
post '/api/v1/form_submit', params: params.to_json, headers: @headers
|
||||
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
end
|
|
@ -1,270 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class IntegationCheckMkControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
token = SecureRandom.urlsafe_base64(16)
|
||||
Setting.set('check_mk_token', token)
|
||||
Setting.set('check_mk_integration', true)
|
||||
end
|
||||
|
||||
test '01 without token' do
|
||||
post '/api/v1/integration/check_mk/', params: {}
|
||||
assert_response(404)
|
||||
end
|
||||
|
||||
test '01 invalid token & enabled feature' do
|
||||
post '/api/v1/integration/check_mk/invalid_token', params: {}
|
||||
assert_response(422)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Invalid token!', result['error'])
|
||||
end
|
||||
|
||||
test '01 invalid token & disabled feature' do
|
||||
Setting.set('check_mk_integration', false)
|
||||
|
||||
post '/api/v1/integration/check_mk/invalid_token', params: {}
|
||||
assert_response(422)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Feature is disable, please contact your admin to enable it!', result['error'])
|
||||
end
|
||||
|
||||
test '02 ticket create & close' do
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert(result['result'])
|
||||
assert(result['ticket_id'])
|
||||
assert(result['ticket_number'])
|
||||
|
||||
ticket = Ticket.find(result['ticket_id'])
|
||||
assert_equal('new', ticket.state.name)
|
||||
assert_equal(1, ticket.articles.count)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert(result['result'])
|
||||
assert(result['ticket_ids'].include?(ticket.id))
|
||||
|
||||
ticket.reload
|
||||
assert_equal('closed', ticket.state.name)
|
||||
assert_equal(2, ticket.articles.count)
|
||||
end
|
||||
|
||||
test '02 ticket create & create & auto close' do
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert(result['result'])
|
||||
assert(result['ticket_id'])
|
||||
assert(result['ticket_number'])
|
||||
|
||||
ticket = Ticket.find(result['ticket_id'])
|
||||
assert_equal('new', ticket.state.name)
|
||||
assert_equal(1, ticket.articles.count)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal('ticket already open, added note', result['result'])
|
||||
assert(result['ticket_ids'].include?(ticket.id))
|
||||
|
||||
ticket.reload
|
||||
assert_equal('new', ticket.state.name)
|
||||
assert_equal(2, ticket.articles.count)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert(result['result'])
|
||||
assert(result['ticket_ids'].include?(ticket.id))
|
||||
|
||||
ticket.reload
|
||||
assert_equal('closed', ticket.state.name)
|
||||
assert_equal(3, ticket.articles.count)
|
||||
end
|
||||
|
||||
test '02 ticket close' do
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal('no open tickets found, ignore action', result['result'])
|
||||
end
|
||||
|
||||
test '02 ticket create & create & no auto close' do
|
||||
Setting.set('check_mk_auto_close', false)
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert(result['result'])
|
||||
assert(result['ticket_id'])
|
||||
assert(result['ticket_number'])
|
||||
|
||||
ticket = Ticket.find(result['ticket_id'])
|
||||
assert_equal('new', ticket.state.name)
|
||||
assert_equal(1, ticket.articles.count)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal('ticket already open, added note', result['result'])
|
||||
assert(result['ticket_ids'].include?(ticket.id))
|
||||
|
||||
ticket.reload
|
||||
assert_equal('new', ticket.state.name)
|
||||
assert_equal(2, ticket.articles.count)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
service: 'some service',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal('ticket already open, added note', result['result'])
|
||||
assert(result['ticket_ids'].include?(ticket.id))
|
||||
|
||||
ticket.reload
|
||||
assert_equal('new', ticket.state.name)
|
||||
assert_equal(3, ticket.articles.count)
|
||||
end
|
||||
|
||||
test '02 ticket create & create & auto close - host only' do
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert(result['result'])
|
||||
assert(result['ticket_id'])
|
||||
assert(result['ticket_number'])
|
||||
|
||||
ticket = Ticket.find(result['ticket_id'])
|
||||
assert_equal('new', ticket.state.name)
|
||||
assert_equal(1, ticket.articles.count)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'down',
|
||||
host: 'some host',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal('ticket already open, added note', result['result'])
|
||||
assert(result['ticket_ids'].include?(ticket.id))
|
||||
|
||||
ticket.reload
|
||||
assert_equal('new', ticket.state.name)
|
||||
assert_equal(2, ticket.articles.count)
|
||||
|
||||
params = {
|
||||
event_id: '123',
|
||||
state: 'up',
|
||||
host: 'some host',
|
||||
}
|
||||
post "/api/v1/integration/check_mk/#{Setting.get('check_mk_token')}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert(result['result'])
|
||||
assert(result['ticket_ids'].include?(ticket.id))
|
||||
|
||||
ticket.reload
|
||||
assert_equal('closed', ticket.state.name)
|
||||
assert_equal(3, ticket.articles.count)
|
||||
end
|
||||
end
|
|
@ -1,508 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
require 'rexml/document'
|
||||
|
||||
class IntegrationCtiControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
Cti::Log.destroy_all
|
||||
|
||||
Setting.set('cti_integration', true)
|
||||
Setting.set('cti_config', {
|
||||
outbound: {
|
||||
routing_table: [
|
||||
{
|
||||
dest: '41*',
|
||||
caller_id: '41715880339000',
|
||||
},
|
||||
{
|
||||
dest: '491714000000',
|
||||
caller_id: '41715880339000',
|
||||
},
|
||||
],
|
||||
default_caller_id: '4930777000000',
|
||||
},
|
||||
inbound: {
|
||||
block_caller_ids: [
|
||||
{
|
||||
caller_id: '491715000000',
|
||||
note: 'some note',
|
||||
}
|
||||
],
|
||||
notify_user_ids: {
|
||||
2 => true,
|
||||
4 => false,
|
||||
},
|
||||
}
|
||||
},)
|
||||
|
||||
groups = Group.where(name: 'Users')
|
||||
roles = Role.where(name: %w[Agent])
|
||||
agent = User.create_or_update(
|
||||
login: 'cti-agent@example.com',
|
||||
firstname: 'E',
|
||||
lastname: 'S',
|
||||
email: 'cti-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
customer1 = User.create_or_update(
|
||||
login: 'ticket-caller_id_cti-customer1@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer1',
|
||||
email: 'ticket-caller_id_cti-customer1@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
phone: '+49 99999 222222',
|
||||
fax: '+49 99999 222223',
|
||||
mobile: '+4912347114711',
|
||||
note: 'Phone at home: +49 99999 222224',
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
customer2 = User.create_or_update(
|
||||
login: 'ticket-caller_id_cti-customer2@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer2',
|
||||
email: 'ticket-caller_id_cti-customer2@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
phone: '+49 99999 222222 2',
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
customer3 = User.create_or_update(
|
||||
login: 'ticket-caller_id_cti-customer3@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer3',
|
||||
email: 'ticket-caller_id_cti-customer3@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
phone: '+49 99999 222222 2',
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
Cti::CallerId.rebuild
|
||||
|
||||
end
|
||||
|
||||
test 'token check' do
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&call_id=4991155921769858278-1&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post '/api/v1/cti/not_existing_token', params: params
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Invalid token, please contact your admin!', result['error'])
|
||||
end
|
||||
|
||||
test 'basic call' do
|
||||
token = Setting.get('cti_token')
|
||||
|
||||
# inbound - I
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&call_id=4991155921769858278-1&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result.blank?)
|
||||
|
||||
# inbound - II - block caller
|
||||
params = 'event=newCall&direction=in&from=491715000000&to=4930600000000&call_id=4991155921769858278-2&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('reject', result['action'])
|
||||
assert_equal('busy', result['reason'])
|
||||
|
||||
# outbound - I - set default_caller_id
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&call_id=8621106404543334274-3&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('dial', result['action'])
|
||||
assert_equal('4912347114711', result['number'])
|
||||
assert_equal('4930777000000', result['caller_id'])
|
||||
|
||||
# outbound - II - set caller_id based on routing_table by explicite number
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=491714000000&call_id=8621106404543334274-4&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('dial', result['action'])
|
||||
assert_equal('491714000000', result['number'])
|
||||
assert_equal('41715880339000', result['caller_id'])
|
||||
|
||||
# outbound - III - set caller_id based on routing_table by 41*
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4147110000000&call_id=8621106404543334274-5&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('dial', result['action'])
|
||||
assert_equal('4147110000000', result['number'])
|
||||
assert_equal('41715880339000', result['caller_id'])
|
||||
|
||||
# no config
|
||||
Setting.set('cti_config', {})
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&call_id=4991155921769858278-6&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Feature not configured, please contact your admin!', result['error'])
|
||||
|
||||
end
|
||||
|
||||
test 'log call' do
|
||||
token = Setting.get('cti_token')
|
||||
|
||||
# outbound - I - new call
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&call_id=1234567890-1&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-1')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(true, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert_nil(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# outbound - I - hangup by agent
|
||||
params = 'event=hangup&direction=out&call_id=1234567890-1&cause=cancel'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-1')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_equal('cancel', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(true, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert(log.end_at)
|
||||
assert(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# outbound - II - new call
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&call_id=1234567890-2&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(true, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert_nil(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# outbound - II - answer by customer
|
||||
params = 'event=answer&direction=out&call_id=1234567890-2&from=4930600000000&to=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('answer', log.state)
|
||||
assert_equal(true, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# outbound - II - hangup by customer
|
||||
params = 'event=hangup&direction=out&call_id=1234567890-2&cause=normalClearing&from=4930600000000&to=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_equal('normalClearing', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(true, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert(log.start_at)
|
||||
assert(log.end_at)
|
||||
assert(log.duration_waiting_time)
|
||||
assert(log.duration_talking_time)
|
||||
|
||||
# inbound - I - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&call_id=1234567890-3&user%5B%5D=user+1'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert_nil(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# inbound - I - answer by customer
|
||||
params = 'event=answer&direction=in&call_id=1234567890-3&to=4930600000000&from=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('answer', log.state)
|
||||
assert_equal(true, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# inbound - I - hangup by customer
|
||||
params = 'event=hangup&direction=in&call_id=1234567890-3&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_equal('normalClearing', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(true, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert(log.start_at)
|
||||
assert(log.end_at)
|
||||
assert(log.duration_waiting_time)
|
||||
assert(log.duration_talking_time)
|
||||
|
||||
# inbound - II - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&call_id=1234567890-4&user%5B%5D=user+1,user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert_nil(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# inbound - II - answer by voicemail
|
||||
params = 'event=answer&direction=in&call_id=1234567890-4&to=4930600000000&from=4912347114711&user=voicemail'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('voicemail', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('answer', log.state)
|
||||
assert_equal(true, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# inbound - II - hangup by customer
|
||||
params = 'event=hangup&direction=in&call_id=1234567890-4&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('voicemail', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_equal('normalClearing', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(false, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert(log.start_at)
|
||||
assert(log.end_at)
|
||||
assert(log.duration_waiting_time)
|
||||
assert(log.duration_talking_time)
|
||||
|
||||
# inbound - III - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&call_id=1234567890-5&user%5B%5D=user+1,user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-5')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert_nil(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# inbound - III - hangup by customer
|
||||
params = 'event=hangup&direction=in&call_id=1234567890-5&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-5')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_equal('normalClearing', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(false, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert(log.end_at)
|
||||
assert(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# inbound - IV - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=49999992222222&call_id=1234567890-6&user%5B%5D=user+1,user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-6')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('49999992222222', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_equal('CallerId Customer3,CallerId Customer2', log.from_comment)
|
||||
assert_not(log.preferences['to'])
|
||||
assert(log.preferences['from'])
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert_nil(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# inbound - IV - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=anonymous&call_id=1234567890-7&user%5B%5D=user+1,user+2'
|
||||
post "/api/v1/cti/#{token}", params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-7')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('anonymous', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_nil(log.from_comment)
|
||||
assert_not(log.preferences['to'])
|
||||
assert_not(log.preferences['from'])
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
assert(log.initialized_at)
|
||||
assert_nil(log.start_at)
|
||||
assert_nil(log.end_at)
|
||||
assert_nil(log.duration_waiting_time)
|
||||
assert_nil(log.duration_talking_time)
|
||||
|
||||
# get caller list
|
||||
get '/api/v1/cti/log'
|
||||
assert_response(401)
|
||||
|
||||
customer2 = User.lookup(login: 'ticket-caller_id_cti-customer2@example.com')
|
||||
customer3 = User.lookup(login: 'ticket-caller_id_cti-customer3@example.com')
|
||||
|
||||
headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('cti-agent@example.com', 'agentpw')
|
||||
get '/api/v1/cti/log', headers: headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result['list'].class, Array)
|
||||
assert_equal(7, result['list'].count)
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['User'])
|
||||
assert(result['assets']['User'][customer2.id.to_s])
|
||||
assert(result['assets']['User'][customer3.id.to_s])
|
||||
assert_equal('1234567890-7', result['list'][0]['call_id'])
|
||||
assert_equal('1234567890-6', result['list'][1]['call_id'])
|
||||
assert_equal('1234567890-5', result['list'][2]['call_id'])
|
||||
assert_equal('1234567890-4', result['list'][3]['call_id'])
|
||||
assert_equal('1234567890-3', result['list'][4]['call_id'])
|
||||
assert_equal('1234567890-2', result['list'][5]['call_id'])
|
||||
assert_equal('hangup', result['list'][5]['state'])
|
||||
assert_equal('4930777000000', result['list'][5]['from'])
|
||||
assert_equal('user 1', result['list'][5]['from_comment'])
|
||||
assert_equal('4912347114711', result['list'][5]['to'])
|
||||
assert_equal('CallerId Customer1', result['list'][5]['to_comment'])
|
||||
assert_equal('normalClearing', result['list'][5]['comment'])
|
||||
assert_equal('hangup', result['list'][5]['state'])
|
||||
assert_equal('1234567890-1', result['list'][6]['call_id'])
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,469 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
require 'rexml/document'
|
||||
|
||||
class IntegrationSipgateControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
Cti::Log.destroy_all
|
||||
|
||||
Setting.set('sipgate_integration', true)
|
||||
Setting.set('sipgate_config', {
|
||||
outbound: {
|
||||
routing_table: [
|
||||
{
|
||||
dest: '41*',
|
||||
caller_id: '41715880339000',
|
||||
},
|
||||
{
|
||||
dest: '491714000000',
|
||||
caller_id: '41715880339000',
|
||||
},
|
||||
],
|
||||
default_caller_id: '4930777000000',
|
||||
},
|
||||
inbound: {
|
||||
block_caller_ids: [
|
||||
{
|
||||
caller_id: '491715000000',
|
||||
note: 'some note',
|
||||
}
|
||||
],
|
||||
notify_user_ids: {
|
||||
2 => true,
|
||||
4 => false,
|
||||
},
|
||||
}
|
||||
},)
|
||||
|
||||
groups = Group.where(name: 'Users')
|
||||
roles = Role.where(name: %w[Agent])
|
||||
agent = User.create_or_update(
|
||||
login: 'cti-agent@example.com',
|
||||
firstname: 'E',
|
||||
lastname: 'S',
|
||||
email: 'cti-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
customer1 = User.create_or_update(
|
||||
login: 'ticket-caller_id_sipgate-customer1@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer1',
|
||||
email: 'ticket-caller_id_sipgate-customer1@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
phone: '+49 99999 222222',
|
||||
fax: '+49 99999 222223',
|
||||
mobile: '+4912347114711',
|
||||
note: 'Phone at home: +49 99999 222224',
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
customer2 = User.create_or_update(
|
||||
login: 'ticket-caller_id_sipgate-customer2@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer2',
|
||||
email: 'ticket-caller_id_sipgate-customer2@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
phone: '+49 99999 222222 2',
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
customer3 = User.create_or_update(
|
||||
login: 'ticket-caller_id_sipgate-customer3@example.com',
|
||||
firstname: 'CallerId',
|
||||
lastname: 'Customer3',
|
||||
email: 'ticket-caller_id_sipgate-customer3@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
phone: '+49 99999 222222 2',
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
Cti::CallerId.rebuild
|
||||
|
||||
end
|
||||
|
||||
test 'basic call' do
|
||||
|
||||
# inbound - I
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&callId=4991155921769858278-1&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/in', on_hangup)
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/in', on_answer)
|
||||
|
||||
# inbound - II - block caller
|
||||
params = 'event=newCall&direction=in&from=491715000000&to=4930600000000&callId=4991155921769858278-2&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/in', on_hangup)
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/in', on_answer)
|
||||
reason = nil
|
||||
response.elements.each('Response/Reject') do |element|
|
||||
reason = element.attributes['reason']
|
||||
end
|
||||
assert_equal('busy', reason)
|
||||
|
||||
# outbound - I - set default_caller_id
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&callId=8621106404543334274-3&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
assert_response(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
caller_id = nil
|
||||
number_to_dail = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
response.elements.each('Response/Dial') do |element|
|
||||
caller_id = element.attributes['callerId']
|
||||
end
|
||||
response.elements.each('Response/Dial/Number') do |element|
|
||||
number_to_dail = element.text
|
||||
end
|
||||
assert_equal('4930777000000', caller_id)
|
||||
assert_equal('4912347114711', number_to_dail)
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/out', on_hangup)
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/out', on_answer)
|
||||
|
||||
# outbound - II - set caller_id based on routing_table by explicite number
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=491714000000&callId=8621106404543334274-4&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
assert_response(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
caller_id = nil
|
||||
number_to_dail = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
response.elements.each('Response/Dial') do |element|
|
||||
caller_id = element.attributes['callerId']
|
||||
end
|
||||
response.elements.each('Response/Dial/Number') do |element|
|
||||
number_to_dail = element.text
|
||||
end
|
||||
assert_equal('41715880339000', caller_id)
|
||||
assert_equal('491714000000', number_to_dail)
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/out', on_hangup)
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/out', on_answer)
|
||||
|
||||
# outbound - III - set caller_id based on routing_table by 41*
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4147110000000&callId=8621106404543334274-5&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
assert_response(200)
|
||||
on_hangup = nil
|
||||
on_answer = nil
|
||||
caller_id = nil
|
||||
number_to_dail = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response') do |element|
|
||||
on_hangup = element.attributes['onHangup']
|
||||
on_answer = element.attributes['onAnswer']
|
||||
end
|
||||
response.elements.each('Response/Dial') do |element|
|
||||
caller_id = element.attributes['callerId']
|
||||
end
|
||||
response.elements.each('Response/Dial/Number') do |element|
|
||||
number_to_dail = element.text
|
||||
end
|
||||
assert_equal('41715880339000', caller_id)
|
||||
assert_equal('4147110000000', number_to_dail)
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/out', on_hangup)
|
||||
assert_equal('http://zammad.example.com/api/v1/sipgate/out', on_answer)
|
||||
|
||||
# no config
|
||||
Setting.set('sipgate_config', {})
|
||||
params = 'event=newCall&direction=in&from=4912347114711&to=4930600000000&callId=4991155921769858278-6&user%5B%5D=user+1&user%5B%5D=user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(422)
|
||||
error = nil
|
||||
content = @response.body
|
||||
response = REXML::Document.new(content)
|
||||
response.elements.each('Response/Error') do |element|
|
||||
error = element.text
|
||||
end
|
||||
assert_equal('Feature not configured, please contact your admin!', error)
|
||||
|
||||
end
|
||||
|
||||
test 'log call' do
|
||||
|
||||
# outbound - I - new call
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&callId=1234567890-1&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-1')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(true, log.done)
|
||||
|
||||
# outbound - I - hangup by agent
|
||||
params = 'event=hangup&direction=out&callId=1234567890-1&cause=cancel'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-1')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_equal('cancel', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(true, log.done)
|
||||
|
||||
# outbound - II - new call
|
||||
params = 'event=newCall&direction=out&from=4930600000000&to=4912347114711&callId=1234567890-2&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(true, log.done)
|
||||
|
||||
# outbound - II - answer by customer
|
||||
params = 'event=answer&direction=out&callId=1234567890-2&from=4930600000000&to=4912347114711'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('answer', log.state)
|
||||
assert_equal(true, log.done)
|
||||
|
||||
# outbound - II - hangup by customer
|
||||
params = 'event=hangup&direction=out&callId=1234567890-2&cause=normalClearing&from=4930600000000&to=4912347114711'
|
||||
post '/api/v1/sipgate/out', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-2')
|
||||
assert(log)
|
||||
assert_equal('4930777000000', log.from)
|
||||
assert_equal('4912347114711', log.to)
|
||||
assert_equal('out', log.direction)
|
||||
assert_equal('user 1', log.from_comment)
|
||||
assert_equal('CallerId Customer1', log.to_comment)
|
||||
assert_equal('normalClearing', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(true, log.done)
|
||||
|
||||
# inbound - I - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&callId=1234567890-3&user%5B%5D=user+1'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
|
||||
# inbound - I - answer by customer
|
||||
params = 'event=answer&direction=in&callId=1234567890-3&to=4930600000000&from=4912347114711'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('answer', log.state)
|
||||
assert_equal(true, log.done)
|
||||
|
||||
# inbound - I - hangup by customer
|
||||
params = 'event=hangup&direction=in&callId=1234567890-3&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-3')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_equal('normalClearing', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(true, log.done)
|
||||
|
||||
# inbound - II - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&callId=1234567890-4&user%5B%5D=user+1,user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
|
||||
# inbound - II - answer by voicemail
|
||||
params = 'event=answer&direction=in&callId=1234567890-4&to=4930600000000&from=4912347114711&user=voicemail'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('voicemail', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('answer', log.state)
|
||||
assert_equal(true, log.done)
|
||||
|
||||
# inbound - II - hangup by customer
|
||||
params = 'event=hangup&direction=in&callId=1234567890-4&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-4')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('voicemail', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_equal('normalClearing', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(false, log.done)
|
||||
|
||||
# inbound - III - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=4912347114711&callId=1234567890-5&user%5B%5D=user+1,user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-5')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
|
||||
# inbound - III - hangup by customer
|
||||
params = 'event=hangup&direction=in&callId=1234567890-5&cause=normalClearing&to=4930600000000&from=4912347114711'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-5')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('4912347114711', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_equal('CallerId Customer1', log.from_comment)
|
||||
assert_equal('normalClearing', log.comment)
|
||||
assert_equal('hangup', log.state)
|
||||
assert_equal(false, log.done)
|
||||
|
||||
# inbound - IV - new call
|
||||
params = 'event=newCall&direction=in&to=4930600000000&from=49999992222222&callId=1234567890-6&user%5B%5D=user+1,user+2'
|
||||
post '/api/v1/sipgate/in', params: params
|
||||
assert_response(200)
|
||||
log = Cti::Log.find_by(call_id: '1234567890-6')
|
||||
assert(log)
|
||||
assert_equal('4930600000000', log.to)
|
||||
assert_equal('49999992222222', log.from)
|
||||
assert_equal('in', log.direction)
|
||||
assert_equal('user 1,user 2', log.to_comment)
|
||||
assert_equal('CallerId Customer3,CallerId Customer2', log.from_comment)
|
||||
assert_not(log.preferences['to'])
|
||||
assert(log.preferences['from'])
|
||||
assert_nil(log.comment)
|
||||
assert_equal('newCall', log.state)
|
||||
assert_equal(false, log.done)
|
||||
|
||||
# get caller list
|
||||
get '/api/v1/cti/log'
|
||||
assert_response(401)
|
||||
|
||||
customer2 = User.lookup(login: 'ticket-caller_id_sipgate-customer2@example.com')
|
||||
customer3 = User.lookup(login: 'ticket-caller_id_sipgate-customer3@example.com')
|
||||
|
||||
headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('cti-agent@example.com', 'agentpw')
|
||||
get '/api/v1/cti/log', headers: headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result['list'].class, Array)
|
||||
assert_equal(6, result['list'].count)
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['User'])
|
||||
assert(result['assets']['User'][customer2.id.to_s])
|
||||
assert(result['assets']['User'][customer3.id.to_s])
|
||||
assert_equal('1234567890-6', result['list'][0]['call_id'])
|
||||
assert_equal('1234567890-5', result['list'][1]['call_id'])
|
||||
assert_equal('1234567890-4', result['list'][2]['call_id'])
|
||||
assert_equal('1234567890-3', result['list'][3]['call_id'])
|
||||
assert_equal('1234567890-2', result['list'][4]['call_id'])
|
||||
assert_equal('hangup', result['list'][4]['state'])
|
||||
assert_equal('4930777000000', result['list'][4]['from'])
|
||||
assert_equal('user 1', result['list'][4]['from_comment'])
|
||||
assert_equal('4912347114711', result['list'][4]['to'])
|
||||
assert_equal('CallerId Customer1', result['list'][4]['to_comment'])
|
||||
assert_equal('normalClearing', result['list'][4]['comment'])
|
||||
assert_equal('hangup', result['list'][4]['state'])
|
||||
assert_equal('1234567890-1', result['list'][5]['call_id'])
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,29 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class OAuthControllerTest < ActionDispatch::IntegrationTest
|
||||
|
||||
test 'o365 - start' do
|
||||
get '/auth/microsoft_office365', params: {}
|
||||
assert_response(302)
|
||||
assert_match('https://login.microsoftonline.com/common/oauth2/v2.0/authorize', @response.body)
|
||||
assert_match('redirect_uri=http%3A%2F%2Fzammad.example.com%2Fauth%2Fmicrosoft_office365%2Fcallback', @response.body)
|
||||
assert_match('scope=openid+email+profile', @response.body)
|
||||
assert_match('response_type=code', @response.body)
|
||||
end
|
||||
|
||||
test 'o365 - callback' do
|
||||
get '/auth/microsoft_office365/callback?code=1234&state=1234', params: {}
|
||||
assert_response(302)
|
||||
assert_match('302 Moved', @response.body)
|
||||
end
|
||||
|
||||
test 'auth failure' do
|
||||
get '/auth/failure?message=123&strategy=some_provider', params: {}
|
||||
assert_response(422)
|
||||
assert_match('<title>422: Unprocessable Entity</title>', @response.body)
|
||||
assert_match('<h1>422: The change you wanted was rejected.</h1>', @response.body)
|
||||
assert_match('<div>Message from some_provider: 123</div>', @response.body)
|
||||
end
|
||||
|
||||
end
|
|
@ -1,590 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class OrganizationControllerTest < ActionDispatch::IntegrationTest
|
||||
include SearchindexHelper
|
||||
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'rest-admin',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'rest-agent@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'rest-customer1@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer1',
|
||||
email: 'rest-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
# create orgs
|
||||
@organization = Organization.create!(
|
||||
name: 'Rest Org',
|
||||
)
|
||||
@organization2 = Organization.create!(
|
||||
name: 'Rest Org #2',
|
||||
)
|
||||
@organization3 = Organization.create!(
|
||||
name: 'Rest Org #3',
|
||||
)
|
||||
|
||||
# create customer with org
|
||||
@customer_with_org = User.create!(
|
||||
login: 'rest-customer2@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer2',
|
||||
email: 'rest-customer2@example.com',
|
||||
password: 'customer2pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
organization_id: @organization.id,
|
||||
)
|
||||
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
|
||||
UserInfo.current_user_id = nil
|
||||
end
|
||||
|
||||
test 'organization index with agent' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-agent@example.com', 'agentpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result[0]['member_ids'].class, Array)
|
||||
assert(result.length >= 3)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=1&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
organizations = Organization.order(:id).limit(2)
|
||||
assert_equal(organizations[0].id, result[0]['id'])
|
||||
assert_equal(organizations[0].member_ids, result[0]['member_ids'])
|
||||
assert_equal(organizations[1].id, result[1]['id'])
|
||||
assert_equal(organizations[1].member_ids, result[1]['member_ids'])
|
||||
assert_equal(2, result.count)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=2&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
organizations = Organization.order(:id).limit(4)
|
||||
assert_equal(organizations[2].id, result[0]['id'])
|
||||
assert_equal(organizations[2].member_ids, result[0]['member_ids'])
|
||||
assert_equal(organizations[3].id, result[1]['id'])
|
||||
assert_equal(organizations[3].member_ids, result[1]['member_ids'])
|
||||
|
||||
assert_equal(2, result.count)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['member_ids'].class, Array)
|
||||
assert_not(result['members'])
|
||||
assert_equal(result['name'], 'Rest Org')
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['member_ids'].class, Array)
|
||||
assert_not(result['members'])
|
||||
assert_equal(result['name'], 'Rest Org #2')
|
||||
|
||||
# search as agent
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['name'])
|
||||
assert(result[0]['member_ids'])
|
||||
assert_not(result[0]['members'])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&expand=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['name'])
|
||||
assert(result[0]['member_ids'])
|
||||
assert(result[0]['members'])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['label'])
|
||||
assert_equal('Zammad Foundation', result[0]['value'])
|
||||
assert_not(result[0]['member_ids'])
|
||||
assert_not(result[0]['members'])
|
||||
end
|
||||
|
||||
test 'organization index with customer1' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 0)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'organization index with customer2' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['name'], 'Rest Org')
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test '04.01 organization show and response format' do
|
||||
organization = Organization.create!(
|
||||
name: 'Rest Org NEW',
|
||||
members: [@customer_without_org],
|
||||
updated_by_id: @admin.id,
|
||||
created_by_id: @admin.id,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_not(result['members'])
|
||||
assert_equal([@customer_without_org.id], result['member_ids'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?expand=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert(result['members'])
|
||||
assert_equal([@customer_without_org.id], result['member_ids'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?expand=false", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_not(result['members'])
|
||||
assert_equal([@customer_without_org.id], result['member_ids'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?full=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Organization'])
|
||||
assert(result['assets']['Organization'][organization.id.to_s])
|
||||
assert_equal(organization.id, result['assets']['Organization'][organization.id.to_s]['id'])
|
||||
assert_equal(organization.name, result['assets']['Organization'][organization.id.to_s]['name'])
|
||||
assert_equal(organization.member_ids, result['assets']['Organization'][organization.id.to_s]['member_ids'])
|
||||
assert_not(result['assets']['Organization'][organization.id.to_s]['members'])
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?full=false", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_not(result['members'])
|
||||
assert_equal([@customer_without_org.id], result['member_ids'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
end
|
||||
|
||||
test '04.02 organization index and response format' do
|
||||
organization = Organization.create!(
|
||||
name: 'Rest Org NEW',
|
||||
members: [@customer_without_org],
|
||||
updated_by_id: @admin.id,
|
||||
created_by_id: @admin.id,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(Hash, result[0].class)
|
||||
assert_equal(organization.id, result.last['id'])
|
||||
assert_equal(organization.name, result.last['name'])
|
||||
assert_not(result.last['members'])
|
||||
assert_equal(organization.member_ids, result.last['member_ids'])
|
||||
assert_equal(@admin.id, result.last['updated_by_id'])
|
||||
assert_equal(@admin.id, result.last['created_by_id'])
|
||||
|
||||
get '/api/v1/organizations?expand=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(Hash, result[0].class)
|
||||
assert_equal(organization.id, result.last['id'])
|
||||
assert_equal(organization.name, result.last['name'])
|
||||
assert_equal(organization.member_ids, result.last['member_ids'])
|
||||
assert_equal(organization.members.pluck(:login), [@customer_without_org.login])
|
||||
assert_equal(@admin.id, result.last['updated_by_id'])
|
||||
assert_equal(@admin.id, result.last['created_by_id'])
|
||||
|
||||
get '/api/v1/organizations?expand=false', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(Hash, result[0].class)
|
||||
assert_equal(organization.id, result.last['id'])
|
||||
assert_equal(organization.name, result.last['name'])
|
||||
assert_not(result.last['members'])
|
||||
assert_equal(organization.member_ids, result.last['member_ids'])
|
||||
assert_equal(@admin.id, result.last['updated_by_id'])
|
||||
assert_equal(@admin.id, result.last['created_by_id'])
|
||||
|
||||
get '/api/v1/organizations?full=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(Array, result['record_ids'].class)
|
||||
assert_equal(1, result['record_ids'][0])
|
||||
assert_equal(organization.id, result['record_ids'].last)
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Organization'])
|
||||
assert(result['assets']['Organization'][organization.id.to_s])
|
||||
assert_equal(organization.id, result['assets']['Organization'][organization.id.to_s]['id'])
|
||||
assert_equal(organization.name, result['assets']['Organization'][organization.id.to_s]['name'])
|
||||
assert_equal(organization.member_ids, result['assets']['Organization'][organization.id.to_s]['member_ids'])
|
||||
assert_not(result['assets']['Organization'][organization.id.to_s]['members'])
|
||||
|
||||
get '/api/v1/organizations?full=false', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(Hash, result[0].class)
|
||||
assert_equal(organization.id, result.last['id'])
|
||||
assert_equal(organization.name, result.last['name'])
|
||||
assert_not(result.last['members'])
|
||||
assert_equal(organization.member_ids, result.last['member_ids'])
|
||||
assert_equal(@admin.id, result.last['updated_by_id'])
|
||||
assert_equal(@admin.id, result.last['created_by_id'])
|
||||
end
|
||||
|
||||
test '04.03 ticket create and response format' do
|
||||
params = {
|
||||
name: 'Rest Org NEW',
|
||||
members: [@customer_without_org.login],
|
||||
}
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
post '/api/v1/organizations', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_equal(organization.member_ids, result['member_ids'])
|
||||
assert_not(result['members'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
params[:name] = 'Rest Org NEW #2'
|
||||
post '/api/v1/organizations?expand=true', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_equal(organization.member_ids, result['member_ids'])
|
||||
assert_equal(organization.members.pluck(:login), result['members'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
params[:name] = 'Rest Org NEW #3'
|
||||
post '/api/v1/organizations?full=true', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Organization'])
|
||||
assert(result['assets']['Organization'][organization.id.to_s])
|
||||
assert_equal(organization.id, result['assets']['Organization'][organization.id.to_s]['id'])
|
||||
assert_equal(organization.name, result['assets']['Organization'][organization.id.to_s]['name'])
|
||||
assert_equal(organization.member_ids, result['assets']['Organization'][organization.id.to_s]['member_ids'])
|
||||
assert_not(result['assets']['Organization'][organization.id.to_s]['members'])
|
||||
|
||||
end
|
||||
|
||||
test '04.04 ticket update and response formats' do
|
||||
organization = Organization.create!(
|
||||
name: 'Rest Org NEW',
|
||||
members: [@customer_without_org],
|
||||
updated_by_id: @admin.id,
|
||||
created_by_id: @admin.id,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
params = {
|
||||
name: 'a update name #1',
|
||||
}
|
||||
put "/api/v1/organizations/#{organization.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert_equal(params[:name], result['name'])
|
||||
assert_equal(organization.member_ids, result['member_ids'])
|
||||
assert_not(result['members'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
params = {
|
||||
name: 'a update name #2',
|
||||
}
|
||||
put "/api/v1/organizations/#{organization.id}?expand=true", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert_equal(params[:name], result['name'])
|
||||
assert_equal(organization.member_ids, result['member_ids'])
|
||||
assert_equal(organization.members.pluck(:login), [@customer_without_org.login])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
params = {
|
||||
name: 'a update name #3',
|
||||
}
|
||||
put "/api/v1/organizations/#{organization.id}?full=true", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Organization'])
|
||||
assert(result['assets']['Organization'][organization.id.to_s])
|
||||
assert_equal(organization.id, result['assets']['Organization'][organization.id.to_s]['id'])
|
||||
assert_equal(params[:name], result['assets']['Organization'][organization.id.to_s]['name'])
|
||||
assert_equal(organization.member_ids, result['assets']['Organization'][organization.id.to_s]['member_ids'])
|
||||
assert_not(result['assets']['Organization'][organization.id.to_s]['members'])
|
||||
|
||||
end
|
||||
|
||||
test '05.01 csv example - customer no access' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
get '/api/v1/organizations/import_example', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
end
|
||||
|
||||
test '05.02 csv example - admin access' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
get '/api/v1/organizations/import_example', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
|
||||
rows = CSV.parse(@response.body)
|
||||
header = rows.shift
|
||||
|
||||
assert_equal('id', header[0])
|
||||
assert_equal('name', header[1])
|
||||
assert_equal('shared', header[2])
|
||||
assert_equal('domain', header[3])
|
||||
assert_equal('domain_assignment', header[4])
|
||||
assert_equal('active', header[5])
|
||||
assert_equal('note', header[6])
|
||||
assert(header.include?('members'))
|
||||
end
|
||||
|
||||
test '05.03 csv import - admin access' do
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
customer1 = User.create!(
|
||||
login: 'customer1-members@example.com',
|
||||
firstname: 'Member',
|
||||
lastname: 'Customer',
|
||||
email: 'customer1-members@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
)
|
||||
customer2 = User.create!(
|
||||
login: 'customer2-members@example.com',
|
||||
firstname: 'Member',
|
||||
lastname: 'Customer',
|
||||
email: 'customer2-members@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
)
|
||||
UserInfo.current_user_id = nil
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
# invalid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple_col_not_existing.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import?try=true', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(true, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('failed', result['result'])
|
||||
assert_equal(2, result['errors'].count)
|
||||
assert_equal("Line 1: unknown attribute 'name2' for Organization.", result['errors'][0])
|
||||
assert_equal("Line 2: unknown attribute 'name2' for Organization.", result['errors'][1])
|
||||
|
||||
# valid file try
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import?try=true', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(true, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('success', result['result'])
|
||||
|
||||
assert_nil(Organization.find_by(name: 'organization-member-import1'))
|
||||
assert_nil(Organization.find_by(name: 'organization-member-import2'))
|
||||
|
||||
# valid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(false, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('success', result['result'])
|
||||
|
||||
organization1 = Organization.find_by(name: 'organization-member-import1')
|
||||
assert(organization1)
|
||||
assert_equal(organization1.name, 'organization-member-import1')
|
||||
assert_equal(organization1.members.count, 1)
|
||||
assert_equal(organization1.members.first.login, customer1.login)
|
||||
assert_equal(organization1.active, true)
|
||||
organization2 = Organization.find_by(name: 'organization-member-import2')
|
||||
assert(organization2)
|
||||
assert_equal(organization2.name, 'organization-member-import2')
|
||||
assert_equal(organization2.members.count, 1)
|
||||
assert_equal(organization2.members.first.login, customer2.login)
|
||||
assert_equal(organization2.active, false)
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,638 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class OrganizationsControllerTest < ActionDispatch::IntegrationTest
|
||||
include SearchindexHelper
|
||||
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'rest-admin',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'rest-agent@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'rest-customer1@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer1',
|
||||
email: 'rest-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
# create orgs
|
||||
@organization = Organization.create!(
|
||||
name: 'Rest Org #1',
|
||||
note: 'Rest Org A',
|
||||
created_at: '2018-02-05 17:42:00',
|
||||
updated_at: '2018-02-05 20:42:00',
|
||||
)
|
||||
@organization2 = Organization.create!(
|
||||
name: 'Rest Org #2',
|
||||
note: 'Rest Org B',
|
||||
created_at: '2018-02-05 18:42:00',
|
||||
updated_at: '2018-02-05 18:42:00',
|
||||
)
|
||||
@organization3 = Organization.create!(
|
||||
name: 'Rest Org #3',
|
||||
note: 'Rest Org C',
|
||||
created_at: '2018-02-05 19:42:00',
|
||||
updated_at: '2018-02-05 19:42:00',
|
||||
)
|
||||
|
||||
# create customer with org
|
||||
@customer_with_org = User.create!(
|
||||
login: 'rest-customer2@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer2',
|
||||
email: 'rest-customer2@example.com',
|
||||
password: 'customer2pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
organization_id: @organization.id,
|
||||
)
|
||||
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
|
||||
UserInfo.current_user_id = nil
|
||||
end
|
||||
|
||||
test 'organization index with agent' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-agent@example.com', 'agentpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result[0]['member_ids'].class, Array)
|
||||
assert(result.length >= 3)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=1&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
organizations = Organization.order(:id).limit(2)
|
||||
assert_equal(organizations[0].id, result[0]['id'])
|
||||
assert_equal(organizations[0].member_ids, result[0]['member_ids'])
|
||||
assert_equal(organizations[1].id, result[1]['id'])
|
||||
assert_equal(organizations[1].member_ids, result[1]['member_ids'])
|
||||
assert_equal(2, result.count)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=2&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
organizations = Organization.order(:id).limit(4)
|
||||
assert_equal(organizations[2].id, result[0]['id'])
|
||||
assert_equal(organizations[2].member_ids, result[0]['member_ids'])
|
||||
assert_equal(organizations[3].id, result[1]['id'])
|
||||
assert_equal(organizations[3].member_ids, result[1]['member_ids'])
|
||||
|
||||
assert_equal(2, result.count)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['member_ids'].class, Array)
|
||||
assert_not(result['members'])
|
||||
assert_equal(result['name'], 'Rest Org #1')
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['member_ids'].class, Array)
|
||||
assert_not(result['members'])
|
||||
assert_equal(result['name'], 'Rest Org #2')
|
||||
|
||||
# search as agent
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['name'])
|
||||
assert(result[0]['member_ids'])
|
||||
assert_not(result[0]['members'])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&expand=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['name'])
|
||||
assert(result[0]['member_ids'])
|
||||
assert(result[0]['members'])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['label'])
|
||||
assert_equal('Zammad Foundation', result[0]['value'])
|
||||
assert_not(result[0]['member_ids'])
|
||||
assert_not(result[0]['members'])
|
||||
end
|
||||
|
||||
test 'organization index with customer1' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 0)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'organization index with customer2' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['name'], 'Rest Org #1')
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'organization search sortable' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin', 'adminpw')
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
result.collect! { |v| v['id'] }
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal([ @organization.id, @organization3.id, @organization2.id ], result)
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: { sort_by: 'created_at', order_by: 'asc' }, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
result.collect! { |v| v['id'] }
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal([ @organization.id, @organization2.id, @organization3.id ], result)
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: { sort_by: 'note', order_by: 'asc' }, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
result.collect! { |v| v['id'] }
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal([ @organization.id, @organization2.id, @organization3.id ], result)
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: { sort_by: 'note', order_by: 'desc' }, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
result.collect! { |v| v['id'] }
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal([ @organization3.id, @organization2.id, @organization.id ], result)
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Rest Org')}", params: { sort_by: %w[note created_at], order_by: %w[desc asc] }, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
result.collect! { |v| v['id'] }
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal([ @organization3.id, @organization2.id, @organization.id ], result)
|
||||
end
|
||||
|
||||
test '04.01 organization show and response format' do
|
||||
organization = Organization.create!(
|
||||
name: 'Rest Org NEW',
|
||||
members: [@customer_without_org],
|
||||
updated_by_id: @admin.id,
|
||||
created_by_id: @admin.id,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
get "/api/v1/organizations/#{organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_not(result['members'])
|
||||
assert_equal([@customer_without_org.id], result['member_ids'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?expand=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert(result['members'])
|
||||
assert_equal([@customer_without_org.id], result['member_ids'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?expand=false", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_not(result['members'])
|
||||
assert_equal([@customer_without_org.id], result['member_ids'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?full=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Organization'])
|
||||
assert(result['assets']['Organization'][organization.id.to_s])
|
||||
assert_equal(organization.id, result['assets']['Organization'][organization.id.to_s]['id'])
|
||||
assert_equal(organization.name, result['assets']['Organization'][organization.id.to_s]['name'])
|
||||
assert_equal(organization.member_ids, result['assets']['Organization'][organization.id.to_s]['member_ids'])
|
||||
assert_not(result['assets']['Organization'][organization.id.to_s]['members'])
|
||||
|
||||
get "/api/v1/organizations/#{organization.id}?full=false", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(organization.id, result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_not(result['members'])
|
||||
assert_equal([@customer_without_org.id], result['member_ids'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
end
|
||||
|
||||
test '04.02 organization index and response format' do
|
||||
organization = Organization.create!(
|
||||
name: 'Rest Org NEW',
|
||||
members: [@customer_without_org],
|
||||
updated_by_id: @admin.id,
|
||||
created_by_id: @admin.id,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(Hash, result[0].class)
|
||||
assert_equal(organization.id, result.last['id'])
|
||||
assert_equal(organization.name, result.last['name'])
|
||||
assert_not(result.last['members'])
|
||||
assert_equal(organization.member_ids, result.last['member_ids'])
|
||||
assert_equal(@admin.id, result.last['updated_by_id'])
|
||||
assert_equal(@admin.id, result.last['created_by_id'])
|
||||
|
||||
get '/api/v1/organizations?expand=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(Hash, result[0].class)
|
||||
assert_equal(organization.id, result.last['id'])
|
||||
assert_equal(organization.name, result.last['name'])
|
||||
assert_equal(organization.member_ids, result.last['member_ids'])
|
||||
assert_equal(organization.members.pluck(:login), [@customer_without_org.login])
|
||||
assert_equal(@admin.id, result.last['updated_by_id'])
|
||||
assert_equal(@admin.id, result.last['created_by_id'])
|
||||
|
||||
get '/api/v1/organizations?expand=false', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(Hash, result[0].class)
|
||||
assert_equal(organization.id, result.last['id'])
|
||||
assert_equal(organization.name, result.last['name'])
|
||||
assert_not(result.last['members'])
|
||||
assert_equal(organization.member_ids, result.last['member_ids'])
|
||||
assert_equal(@admin.id, result.last['updated_by_id'])
|
||||
assert_equal(@admin.id, result.last['created_by_id'])
|
||||
|
||||
get '/api/v1/organizations?full=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(Array, result['record_ids'].class)
|
||||
assert_equal(1, result['record_ids'][0])
|
||||
assert_equal(organization.id, result['record_ids'].last)
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Organization'])
|
||||
assert(result['assets']['Organization'][organization.id.to_s])
|
||||
assert_equal(organization.id, result['assets']['Organization'][organization.id.to_s]['id'])
|
||||
assert_equal(organization.name, result['assets']['Organization'][organization.id.to_s]['name'])
|
||||
assert_equal(organization.member_ids, result['assets']['Organization'][organization.id.to_s]['member_ids'])
|
||||
assert_not(result['assets']['Organization'][organization.id.to_s]['members'])
|
||||
|
||||
get '/api/v1/organizations?full=false', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(Hash, result[0].class)
|
||||
assert_equal(organization.id, result.last['id'])
|
||||
assert_equal(organization.name, result.last['name'])
|
||||
assert_not(result.last['members'])
|
||||
assert_equal(organization.member_ids, result.last['member_ids'])
|
||||
assert_equal(@admin.id, result.last['updated_by_id'])
|
||||
assert_equal(@admin.id, result.last['created_by_id'])
|
||||
end
|
||||
|
||||
test '04.03 ticket create and response format' do
|
||||
params = {
|
||||
name: 'Rest Org NEW',
|
||||
members: [@customer_without_org.login],
|
||||
}
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
post '/api/v1/organizations', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_equal(organization.member_ids, result['member_ids'])
|
||||
assert_not(result['members'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
params[:name] = 'Rest Org NEW #2'
|
||||
post '/api/v1/organizations?expand=true', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert_equal(organization.name, result['name'])
|
||||
assert_equal(organization.member_ids, result['member_ids'])
|
||||
assert_equal(organization.members.pluck(:login), result['members'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
params[:name] = 'Rest Org NEW #3'
|
||||
post '/api/v1/organizations?full=true', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Organization'])
|
||||
assert(result['assets']['Organization'][organization.id.to_s])
|
||||
assert_equal(organization.id, result['assets']['Organization'][organization.id.to_s]['id'])
|
||||
assert_equal(organization.name, result['assets']['Organization'][organization.id.to_s]['name'])
|
||||
assert_equal(organization.member_ids, result['assets']['Organization'][organization.id.to_s]['member_ids'])
|
||||
assert_not(result['assets']['Organization'][organization.id.to_s]['members'])
|
||||
|
||||
end
|
||||
|
||||
test '04.04 ticket update and response formats' do
|
||||
organization = Organization.create!(
|
||||
name: 'Rest Org NEW',
|
||||
members: [@customer_without_org],
|
||||
updated_by_id: @admin.id,
|
||||
created_by_id: @admin.id,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
params = {
|
||||
name: 'a update name #1',
|
||||
}
|
||||
put "/api/v1/organizations/#{organization.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert_equal(params[:name], result['name'])
|
||||
assert_equal(organization.member_ids, result['member_ids'])
|
||||
assert_not(result['members'])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
params = {
|
||||
name: 'a update name #2',
|
||||
}
|
||||
put "/api/v1/organizations/#{organization.id}?expand=true", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert_equal(params[:name], result['name'])
|
||||
assert_equal(organization.member_ids, result['member_ids'])
|
||||
assert_equal(organization.members.pluck(:login), [@customer_without_org.login])
|
||||
assert_equal(@admin.id, result['updated_by_id'])
|
||||
assert_equal(@admin.id, result['created_by_id'])
|
||||
|
||||
params = {
|
||||
name: 'a update name #3',
|
||||
}
|
||||
put "/api/v1/organizations/#{organization.id}?full=true", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
organization = Organization.find(result['id'])
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Organization'])
|
||||
assert(result['assets']['Organization'][organization.id.to_s])
|
||||
assert_equal(organization.id, result['assets']['Organization'][organization.id.to_s]['id'])
|
||||
assert_equal(params[:name], result['assets']['Organization'][organization.id.to_s]['name'])
|
||||
assert_equal(organization.member_ids, result['assets']['Organization'][organization.id.to_s]['member_ids'])
|
||||
assert_not(result['assets']['Organization'][organization.id.to_s]['members'])
|
||||
|
||||
end
|
||||
|
||||
test '05.01 csv example - customer no access' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
get '/api/v1/organizations/import_example', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
end
|
||||
|
||||
test '05.02 csv example - admin access' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
get '/api/v1/organizations/import_example', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
|
||||
rows = CSV.parse(@response.body)
|
||||
header = rows.shift
|
||||
|
||||
assert_equal('id', header[0])
|
||||
assert_equal('name', header[1])
|
||||
assert_equal('shared', header[2])
|
||||
assert_equal('domain', header[3])
|
||||
assert_equal('domain_assignment', header[4])
|
||||
assert_equal('active', header[5])
|
||||
assert_equal('note', header[6])
|
||||
assert(header.include?('members'))
|
||||
end
|
||||
|
||||
test '05.03 csv import - admin access' do
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
customer1 = User.create!(
|
||||
login: 'customer1-members@example.com',
|
||||
firstname: 'Member',
|
||||
lastname: 'Customer',
|
||||
email: 'customer1-members@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
)
|
||||
customer2 = User.create!(
|
||||
login: 'customer2-members@example.com',
|
||||
firstname: 'Member',
|
||||
lastname: 'Customer',
|
||||
email: 'customer2-members@example.com',
|
||||
password: 'customerpw',
|
||||
active: true,
|
||||
)
|
||||
UserInfo.current_user_id = nil
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
# invalid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple_col_not_existing.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import?try=true', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(true, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('failed', result['result'])
|
||||
assert_equal(2, result['errors'].count)
|
||||
assert_equal("Line 1: unknown attribute 'name2' for Organization.", result['errors'][0])
|
||||
assert_equal("Line 2: unknown attribute 'name2' for Organization.", result['errors'][1])
|
||||
|
||||
# valid file try
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import?try=true', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(true, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('success', result['result'])
|
||||
|
||||
assert_nil(Organization.find_by(name: 'organization-member-import1'))
|
||||
assert_nil(Organization.find_by(name: 'organization-member-import2'))
|
||||
|
||||
# valid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'organization_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/organizations/import', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(false, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('success', result['result'])
|
||||
|
||||
organization1 = Organization.find_by(name: 'organization-member-import1')
|
||||
assert(organization1)
|
||||
assert_equal(organization1.name, 'organization-member-import1')
|
||||
assert_equal(organization1.members.count, 1)
|
||||
assert_equal(organization1.members.first.login, customer1.login)
|
||||
assert_equal(organization1.active, true)
|
||||
organization2 = Organization.find_by(name: 'organization-member-import2')
|
||||
assert(organization2)
|
||||
assert_equal(organization2.name, 'organization-member-import2')
|
||||
assert_equal(organization2.members.count, 1)
|
||||
assert_equal(organization2.members.first.login, customer2.login)
|
||||
assert_equal(organization2.active, false)
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,221 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class OverviewsControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'tickets-admin',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Admin',
|
||||
email: 'tickets-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'tickets-agent@example.com',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Agent',
|
||||
email: 'tickets-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: Group.all,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test 'no permissions' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent', 'agentpw')
|
||||
|
||||
params = {
|
||||
name: 'Overview2',
|
||||
link: 'my_overview',
|
||||
roles: Role.where(name: 'Agent').pluck(:name),
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
}
|
||||
|
||||
post '/api/v1/overviews', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'create overviews' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-admin', 'adminpw')
|
||||
|
||||
params = {
|
||||
name: 'Overview2',
|
||||
link: 'my_overview',
|
||||
roles: Role.where(name: 'Agent').pluck(:name),
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
}
|
||||
|
||||
post '/api/v1/overviews', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Overview2', result['name'])
|
||||
assert_equal('my_overview', result['link'])
|
||||
|
||||
post '/api/v1/overviews', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Overview2', result['name'])
|
||||
assert_equal('my_overview_1', result['link'])
|
||||
end
|
||||
|
||||
test 'set mass prio' do
|
||||
roles = Role.where(name: 'Agent')
|
||||
overview1 = Overview.create!(
|
||||
name: 'Overview1',
|
||||
link: 'my_overview',
|
||||
roles: roles,
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
prio: 1,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
overview2 = Overview.create!(
|
||||
name: 'Overview2',
|
||||
link: 'my_overview',
|
||||
roles: roles,
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
prio: 2,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-admin', 'adminpw')
|
||||
params = {
|
||||
prios: [
|
||||
[overview2.id, 1],
|
||||
[overview1.id, 2],
|
||||
]
|
||||
}
|
||||
post '/api/v1/overviews_prio', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(true, result['success'])
|
||||
|
||||
overview1.reload
|
||||
overview2.reload
|
||||
|
||||
assert_equal(2, overview1.prio)
|
||||
assert_equal(1, overview2.prio)
|
||||
end
|
||||
|
||||
test 'create an overview with group_by direction' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-admin', 'adminpw')
|
||||
|
||||
params = {
|
||||
name: 'Overview2',
|
||||
link: 'my_overview',
|
||||
roles: Role.where(name: 'Agent').pluck(:name),
|
||||
condition: {
|
||||
'ticket.state_id' => {
|
||||
operator: 'is',
|
||||
value: [1, 2, 3],
|
||||
},
|
||||
},
|
||||
order: {
|
||||
by: 'created_at',
|
||||
direction: 'DESC',
|
||||
},
|
||||
group_by: 'priority',
|
||||
group_direction: 'ASC',
|
||||
view: {
|
||||
d: %w[title customer state created_at],
|
||||
s: %w[number title customer state created_at],
|
||||
m: %w[number title customer state created_at],
|
||||
view_mode_default: 's',
|
||||
},
|
||||
}
|
||||
|
||||
post '/api/v1/overviews', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Overview2', result['name'])
|
||||
assert_equal('my_overview', result['link'])
|
||||
assert_equal('priority', result['group_by'])
|
||||
assert_equal('ASC', result['group_direction'])
|
||||
end
|
||||
|
||||
end
|
|
@ -1,131 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class PackagesControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'packages-admin',
|
||||
firstname: 'Packages',
|
||||
lastname: 'Admin',
|
||||
email: 'packages-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'packages-agent@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'packages-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'packages-customer1@example.com',
|
||||
firstname: 'Packages',
|
||||
lastname: 'Customer1',
|
||||
email: 'packages-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test '01 packages index with nobody' do
|
||||
|
||||
# index
|
||||
get '/api/v1/packages', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result['packages'])
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test '02 packages index with admin' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'adminpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result['packages'])
|
||||
end
|
||||
|
||||
test '03 packages index with admin and wrong pw' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'wrongadminpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test '04 packages index with inactive admin' do
|
||||
@admin.active = false
|
||||
@admin.save!
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'adminpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test '05 packages index with agent' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-agent@example.com', 'agentpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result['packages'])
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
end
|
||||
|
||||
test '06 packages index with customer' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-customer1@example.com', 'customer1pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/packages', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result['packages'])
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
end
|
||||
|
||||
end
|
|
@ -1,98 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class ReportsControllerTest < ActionDispatch::IntegrationTest
|
||||
include SearchindexHelper
|
||||
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
@year = DateTime.now.utc.year
|
||||
@month = DateTime.now.utc.month
|
||||
@week = DateTime.now.utc.strftime('%U').to_i
|
||||
@day = DateTime.now.utc.day
|
||||
|
||||
roles = Role.where(name: 'Admin')
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'rest-admin',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1
|
||||
)
|
||||
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'rest-customer1@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer1',
|
||||
email: 'rest-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1
|
||||
)
|
||||
|
||||
@group1 = Group.create!(
|
||||
name: "GroupWithoutPermission-#{rand(9_999_999_999)}",
|
||||
active: true,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
@ticket1 = Ticket.create!(
|
||||
title: 'ticket for report',
|
||||
group_id: @group1.id,
|
||||
customer_id: @customer_without_org.id,
|
||||
state: Ticket::State.lookup(name: 'open'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
Ticket::Article.create!(
|
||||
type: Ticket::Article::Type.lookup(name: 'note'),
|
||||
sender: Ticket::Article::Sender.lookup(name: 'Customer'),
|
||||
from: 'sender',
|
||||
subject: 'subject',
|
||||
body: 'some body',
|
||||
ticket_id: @ticket1.id,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
end
|
||||
|
||||
test '01.01 report example - admin access' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
get "/api/v1/reports/sets?sheet=true;metric=count;year=#{@year};month=#{@month};week=#{@week};day=#{@day};timeRange=year;profile_id=1;downloadBackendSelected=count::created", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
|
||||
assert_response(200)
|
||||
assert(@response['Content-Disposition'])
|
||||
assert_equal('attachment; filename="tickets--all--Created.xls"', @response['Content-Disposition'])
|
||||
assert_equal('application/vnd.ms-excel', @response['Content-Type'])
|
||||
end
|
||||
end
|
|
@ -1,448 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class SearchControllerTest < ActionDispatch::IntegrationTest
|
||||
include SearchindexHelper
|
||||
|
||||
setup do
|
||||
|
||||
# set current user
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'search-admin',
|
||||
firstname: 'Search',
|
||||
lastname: 'Admin',
|
||||
email: 'search-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'search-agent@example.com',
|
||||
firstname: 'Search 1234',
|
||||
lastname: 'Agent',
|
||||
email: 'search-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'search-customer1@example.com',
|
||||
firstname: 'Search',
|
||||
lastname: 'Customer1',
|
||||
email: 'search-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
# create orgs
|
||||
@organization = Organization.create!(
|
||||
name: 'Rest Org',
|
||||
)
|
||||
@organization2 = Organization.create!(
|
||||
name: 'Rest Org #2',
|
||||
)
|
||||
@organization3 = Organization.create!(
|
||||
name: 'Rest Org #3',
|
||||
)
|
||||
@organization4 = Organization.create!(
|
||||
name: 'Tes.t. Org',
|
||||
)
|
||||
@organization5 = Organization.create!(
|
||||
name: 'ABC_D Org',
|
||||
)
|
||||
|
||||
# create customer with org
|
||||
@customer_with_org2 = User.create!(
|
||||
login: 'search-customer2@example.com',
|
||||
firstname: 'Search',
|
||||
lastname: 'Customer2',
|
||||
email: 'search-customer2@example.com',
|
||||
password: 'customer2pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
organization_id: @organization.id,
|
||||
)
|
||||
|
||||
@customer_with_org3 = User.create!(
|
||||
login: 'search-customer3@example.com',
|
||||
firstname: 'Search',
|
||||
lastname: 'Customer3',
|
||||
email: 'search-customer3@example.com',
|
||||
password: 'customer3pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
organization_id: @organization.id,
|
||||
)
|
||||
|
||||
@ticket1 = Ticket.create!(
|
||||
title: 'test 1234-1',
|
||||
group: Group.lookup(name: 'Users'),
|
||||
customer_id: @customer_without_org.id,
|
||||
state: Ticket::State.lookup(name: 'new'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
)
|
||||
@article1 = Ticket::Article.create!(
|
||||
ticket_id: @ticket1.id,
|
||||
from: 'some_sender1@example.com',
|
||||
to: 'some_recipient1@example.com',
|
||||
subject: 'some subject1',
|
||||
message_id: 'some@id',
|
||||
body: 'some message1',
|
||||
internal: false,
|
||||
sender: Ticket::Article::Sender.where(name: 'Customer').first,
|
||||
type: Ticket::Article::Type.where(name: 'email').first,
|
||||
)
|
||||
travel 1.second
|
||||
@ticket2 = Ticket.create!(
|
||||
title: 'test 1234-2',
|
||||
group: Group.lookup(name: 'Users'),
|
||||
customer_id: @customer_with_org2.id,
|
||||
state: Ticket::State.lookup(name: 'new'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
)
|
||||
@article2 = Ticket::Article.create!(
|
||||
ticket_id: @ticket2.id,
|
||||
from: 'some_sender2@example.com',
|
||||
to: 'some_recipient2@example.com',
|
||||
subject: 'some subject2',
|
||||
message_id: 'some@id',
|
||||
body: 'some message2',
|
||||
internal: false,
|
||||
sender: Ticket::Article::Sender.where(name: 'Customer').first,
|
||||
type: Ticket::Article::Type.where(name: 'email').first,
|
||||
)
|
||||
travel 1.second
|
||||
@ticket3 = Ticket.create!(
|
||||
title: 'test 1234-2',
|
||||
group: Group.lookup(name: 'Users'),
|
||||
customer_id: @customer_with_org3.id,
|
||||
state: Ticket::State.lookup(name: 'new'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
)
|
||||
@article3 = Ticket::Article.create!(
|
||||
ticket_id: @ticket3.id,
|
||||
from: 'some_sender3@example.com',
|
||||
to: 'some_recipient3@example.com',
|
||||
subject: 'some subject3',
|
||||
message_id: 'some@id',
|
||||
body: 'some message3',
|
||||
internal: false,
|
||||
sender: Ticket::Article::Sender.where(name: 'Customer').first,
|
||||
type: Ticket::Article::Type.where(name: 'email').first,
|
||||
)
|
||||
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
end
|
||||
|
||||
test 'settings index with nobody' do
|
||||
params = {
|
||||
query: 'test 1234',
|
||||
limit: 2,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result.blank?)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
post '/api/v1/search/user', params: params.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result.blank?)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
post '/api/v1/search', params: params.to_json, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result.blank?)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'settings index with admin' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-admin@example.com', 'adminpw')
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 1,
|
||||
}
|
||||
post '/api/v1/search', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket3.id, result['result'][0]['id'])
|
||||
assert_equal('User', result['result'][1]['type'])
|
||||
assert_equal(@agent.id, result['result'][1]['id'])
|
||||
assert_not(result['result'][2])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket3.id, result['result'][0]['id'])
|
||||
assert_equal('Ticket', result['result'][1]['type'])
|
||||
assert_equal(@ticket2.id, result['result'][1]['id'])
|
||||
assert_equal('Ticket', result['result'][2]['type'])
|
||||
assert_equal(@ticket1.id, result['result'][2]['id'])
|
||||
assert_equal('User', result['result'][3]['type'])
|
||||
assert_equal(@agent.id, result['result'][3]['id'])
|
||||
assert_not(result['result'][4])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket3.id, result['result'][0]['id'])
|
||||
assert_equal('Ticket', result['result'][1]['type'])
|
||||
assert_equal(@ticket2.id, result['result'][1]['id'])
|
||||
assert_equal('Ticket', result['result'][2]['type'])
|
||||
assert_equal(@ticket1.id, result['result'][2]['id'])
|
||||
assert_not(result['result'][3])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/user', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('User', result['result'][0]['type'])
|
||||
assert_equal(@agent.id, result['result'][0]['id'])
|
||||
assert_not(result['result'][1])
|
||||
end
|
||||
|
||||
test 'settings index with agent' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-agent@example.com', 'agentpw')
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 1,
|
||||
}
|
||||
|
||||
post '/api/v1/search', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket3.id, result['result'][0]['id'])
|
||||
assert_equal('User', result['result'][1]['type'])
|
||||
assert_equal(@agent.id, result['result'][1]['id'])
|
||||
assert_not(result['result'][2])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket3.id, result['result'][0]['id'])
|
||||
assert_equal('Ticket', result['result'][1]['type'])
|
||||
assert_equal(@ticket2.id, result['result'][1]['id'])
|
||||
assert_equal('Ticket', result['result'][2]['type'])
|
||||
assert_equal(@ticket1.id, result['result'][2]['id'])
|
||||
assert_equal('User', result['result'][3]['type'])
|
||||
assert_equal(@agent.id, result['result'][3]['id'])
|
||||
assert_not(result['result'][4])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket3.id, result['result'][0]['id'])
|
||||
assert_equal('Ticket', result['result'][1]['type'])
|
||||
assert_equal(@ticket2.id, result['result'][1]['id'])
|
||||
assert_equal('Ticket', result['result'][2]['type'])
|
||||
assert_equal(@ticket1.id, result['result'][2]['id'])
|
||||
assert_not(result['result'][3])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/user', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('User', result['result'][0]['type'])
|
||||
assert_equal(@agent.id, result['result'][0]['id'])
|
||||
assert_not(result['result'][1])
|
||||
end
|
||||
|
||||
test 'settings index with customer 1' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-customer1@example.com', 'customer1pw')
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket1.id, result['result'][0]['id'])
|
||||
assert_not(result['result'][1])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket1.id, result['result'][0]['id'])
|
||||
assert_not(result['result'][1])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/user', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result['result'][0])
|
||||
end
|
||||
|
||||
test 'settings index with customer 2' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-customer2@example.com', 'customer2pw')
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket3.id, result['result'][0]['id'])
|
||||
assert_equal('Ticket', result['result'][1]['type'])
|
||||
assert_equal(@ticket2.id, result['result'][1]['id'])
|
||||
assert_not(result['result'][2])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/ticket', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert_equal('Ticket', result['result'][0]['type'])
|
||||
assert_equal(@ticket3.id, result['result'][0]['id'])
|
||||
assert_equal('Ticket', result['result'][1]['type'])
|
||||
assert_equal(@ticket2.id, result['result'][1]['id'])
|
||||
assert_not(result['result'][2])
|
||||
|
||||
params = {
|
||||
query: '1234*',
|
||||
limit: 10,
|
||||
}
|
||||
|
||||
post '/api/v1/search/user', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result['result'][0])
|
||||
end
|
||||
|
||||
# Verify fix for Github issue #2058 - Autocomplete hangs on dot in the new user form
|
||||
test 'searching for organization with a dot in its name' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-agent@example.com', 'agentpw')
|
||||
|
||||
get '/api/v1/search/organization?query=tes.', headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(1, result['result'].size)
|
||||
assert_equal('Organization', result['result'][0]['type'])
|
||||
target_id = result['result'][0]['id']
|
||||
assert_equal('Tes.t. Org', result['assets']['Organization'][target_id.to_s]['name'])
|
||||
end
|
||||
|
||||
# Search query H& should correctly match H&M
|
||||
test 'searching for organization with _ in its name' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-agent@example.com', 'agentpw')
|
||||
|
||||
get '/api/v1/search/organization?query=abc_', headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(1, result['result'].size)
|
||||
assert_equal('Organization', result['result'][0]['type'])
|
||||
target_id = result['result'][0]['id']
|
||||
assert_equal('ABC_D Org', result['assets']['Organization'][target_id.to_s]['name'])
|
||||
end
|
||||
end
|
|
@ -1,302 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class SettingsControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin_full = User.create!(
|
||||
login: 'setting-admin',
|
||||
firstname: 'Setting',
|
||||
lastname: 'Admin',
|
||||
email: 'setting-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
role_api = Role.create!(
|
||||
name: 'AdminApi',
|
||||
note: 'To configure your api.',
|
||||
preferences: {
|
||||
not: ['Customer'],
|
||||
},
|
||||
default_at_signup: false,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1
|
||||
)
|
||||
role_api.permission_grant('admin.api')
|
||||
@admin_api = User.create!(
|
||||
login: 'setting-admin-api',
|
||||
firstname: 'Setting',
|
||||
lastname: 'Admin Api',
|
||||
email: 'setting-admin-api@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: [role_api],
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'setting-agent@example.com',
|
||||
firstname: 'Setting',
|
||||
lastname: 'Agent',
|
||||
email: 'setting-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'setting-customer1@example.com',
|
||||
firstname: 'Setting',
|
||||
lastname: 'Customer1',
|
||||
email: 'setting-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test 'settings index with nobody' do
|
||||
|
||||
# index
|
||||
get '/api/v1/settings', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result['settings'])
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'settings index with admin' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('setting-admin@example.com', 'adminpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/settings', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
hit_api = false
|
||||
hit_product_name = false
|
||||
result.each do |setting|
|
||||
if setting['name'] == 'api_token_access'
|
||||
hit_api = true
|
||||
end
|
||||
if setting['name'] == 'product_name'
|
||||
hit_product_name = true
|
||||
end
|
||||
end
|
||||
assert_equal(true, hit_api)
|
||||
assert_equal(true, hit_product_name)
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('product_name', result['name'])
|
||||
|
||||
setting = Setting.find_by(name: 'api_token_access')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('api_token_access', result['name'])
|
||||
|
||||
# update
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
params = {
|
||||
id: setting.id,
|
||||
name: 'some_new_name',
|
||||
preferences: {
|
||||
permission: ['admin.branding', 'admin.some_new_permission'],
|
||||
some_new_key: true,
|
||||
}
|
||||
}
|
||||
put "/api/v1/settings/#{setting.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('product_name', result['name'])
|
||||
assert_equal(1, result['preferences']['permission'].length)
|
||||
assert_equal('admin.branding', result['preferences']['permission'][0])
|
||||
assert_equal(true, result['preferences']['some_new_key'])
|
||||
|
||||
# update
|
||||
setting = Setting.find_by(name: 'api_token_access')
|
||||
params = {
|
||||
id: setting.id,
|
||||
name: 'some_new_name',
|
||||
preferences: {
|
||||
permission: ['admin.branding', 'admin.some_new_permission'],
|
||||
some_new_key: true,
|
||||
}
|
||||
}
|
||||
put "/api/v1/settings/#{setting.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('api_token_access', result['name'])
|
||||
assert_equal(1, result['preferences']['permission'].length)
|
||||
assert_equal('admin.api', result['preferences']['permission'][0])
|
||||
assert_equal(true, result['preferences']['some_new_key'])
|
||||
|
||||
# delete
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
delete "/api/v1/settings/#{setting.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (feature not possible)', result['error'])
|
||||
end
|
||||
|
||||
test 'settings index with admin-api' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('setting-admin-api@example.com', 'adminpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/settings', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
hit_api = false
|
||||
hit_product_name = false
|
||||
result.each do |setting|
|
||||
if setting['name'] == 'api_token_access'
|
||||
hit_api = true
|
||||
end
|
||||
if setting['name'] == 'product_name'
|
||||
hit_product_name = true
|
||||
end
|
||||
end
|
||||
assert_equal(true, hit_api)
|
||||
assert_equal(false, hit_product_name)
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (required ["admin.branding"])', result['error'])
|
||||
|
||||
setting = Setting.find_by(name: 'api_token_access')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('api_token_access', result['name'])
|
||||
|
||||
# update
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
params = {
|
||||
id: setting.id,
|
||||
name: 'some_new_name',
|
||||
preferences: {
|
||||
permission: ['admin.branding', 'admin.some_new_permission'],
|
||||
some_new_key: true,
|
||||
}
|
||||
}
|
||||
put "/api/v1/settings/#{setting.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (required ["admin.branding"])', result['error'])
|
||||
|
||||
# update
|
||||
setting = Setting.find_by(name: 'api_token_access')
|
||||
params = {
|
||||
id: setting.id,
|
||||
name: 'some_new_name',
|
||||
preferences: {
|
||||
permission: ['admin.branding', 'admin.some_new_permission'],
|
||||
some_new_key: true,
|
||||
}
|
||||
}
|
||||
put "/api/v1/settings/#{setting.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('api_token_access', result['name'])
|
||||
assert_equal(1, result['preferences']['permission'].length)
|
||||
assert_equal('admin.api', result['preferences']['permission'][0])
|
||||
assert_equal(true, result['preferences']['some_new_key'])
|
||||
|
||||
# delete
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
delete "/api/v1/settings/#{setting.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (feature not possible)', result['error'])
|
||||
end
|
||||
|
||||
test 'settings index with agent' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('setting-agent@example.com', 'agentpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/settings', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result['settings'])
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
end
|
||||
|
||||
test 'settings index with customer' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('setting-customer1@example.com', 'customer1pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/settings', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_not(result['settings'])
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
|
||||
# show
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
get "/api/v1/settings/#{setting.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
|
||||
# delete
|
||||
setting = Setting.find_by(name: 'product_name')
|
||||
delete "/api/v1/settings/#{setting.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
end
|
||||
|
||||
end
|
|
@ -1,70 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class SlaControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'sla-admin',
|
||||
firstname: 'Packages',
|
||||
lastname: 'Admin',
|
||||
email: 'sla-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test '01 sla index with nobody' do
|
||||
|
||||
get '/api/v1/slas', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
end
|
||||
|
||||
test '02 sla index with admin' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('sla-admin@example.com', 'adminpw')
|
||||
|
||||
get '/api/v1/slas', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
assert_equal(0, result.count)
|
||||
|
||||
get '/api/v1/slas?expand=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
assert_equal(0, result.count)
|
||||
|
||||
get '/api/v1/slas?full=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert(result['record_ids'])
|
||||
assert(result['record_ids'].blank?)
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Calendar'].present?)
|
||||
assert(result['assets'].present?)
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,70 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class SlasControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'sla-admin',
|
||||
firstname: 'Packages',
|
||||
lastname: 'Admin',
|
||||
email: 'sla-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test '01 sla index with nobody' do
|
||||
|
||||
get '/api/v1/slas', params: {}, headers: @headers
|
||||
assert_response(401)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
end
|
||||
|
||||
test '02 sla index with admin' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('sla-admin@example.com', 'adminpw')
|
||||
|
||||
get '/api/v1/slas', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
assert_equal(0, result.count)
|
||||
|
||||
get '/api/v1/slas?expand=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert(result)
|
||||
assert_equal(0, result.count)
|
||||
|
||||
get '/api/v1/slas?full=true', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result)
|
||||
assert(result['record_ids'])
|
||||
assert(result['record_ids'].blank?)
|
||||
assert(result['assets'])
|
||||
assert(result['assets']['Calendar'].present?)
|
||||
assert(result['assets'].present?)
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,112 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class TaskbarsControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
groups = Group.all
|
||||
|
||||
@agent = User.create!(
|
||||
login: 'taskbar-agent@example.com',
|
||||
firstname: 'Taskbar',
|
||||
lastname: 'Agent',
|
||||
email: 'taskbar-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'taskbar-customer1@example.com',
|
||||
firstname: 'Taskbar',
|
||||
lastname: 'Customer1',
|
||||
email: 'taskbar-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test 'task ownership' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('taskbar-agent@example.com', 'agentpw')
|
||||
params = {
|
||||
user_id: @customer_without_org.id,
|
||||
client_id: '123',
|
||||
key: 'Ticket-5',
|
||||
callback: 'TicketZoom',
|
||||
state: {
|
||||
ticket: {
|
||||
owner_id: @agent.id,
|
||||
},
|
||||
article: {},
|
||||
},
|
||||
params: {
|
||||
ticket_id: 5,
|
||||
shown: true,
|
||||
},
|
||||
prio: 3,
|
||||
notify: false,
|
||||
active: false,
|
||||
}
|
||||
|
||||
post '/api/v1/taskbar', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('123', result['client_id'])
|
||||
assert_equal(@agent.id, result['user_id'])
|
||||
assert_equal(5, result['params']['ticket_id'])
|
||||
assert_equal(true, result['params']['shown'])
|
||||
|
||||
taskbar_id = result['id']
|
||||
params[:user_id] = @customer_without_org.id
|
||||
params[:params] = {
|
||||
ticket_id: 5,
|
||||
shown: false,
|
||||
}
|
||||
put "/api/v1/taskbar/#{taskbar_id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('123', result['client_id'])
|
||||
assert_equal(@agent.id, result['user_id'])
|
||||
assert_equal(5, result['params']['ticket_id'])
|
||||
assert_equal(false, result['params']['shown'])
|
||||
|
||||
# try to access with other user
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('taskbar-customer1@example.com', 'customer1pw')
|
||||
params = {
|
||||
active: true,
|
||||
}
|
||||
put "/api/v1/taskbar/#{taskbar_id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Not allowed to access this task.', result['error'])
|
||||
|
||||
delete "/api/v1/taskbar/#{taskbar_id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Not allowed to access this task.', result['error'])
|
||||
|
||||
# delete with correct user
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('taskbar-agent@example.com', 'agentpw')
|
||||
delete "/api/v1/taskbar/#{taskbar_id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result.blank?)
|
||||
end
|
||||
|
||||
end
|
|
@ -1,160 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
require 'rake'
|
||||
|
||||
class TextModuleControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'rest-admin',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'rest-agent@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'rest-customer1@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer1',
|
||||
email: 'rest-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
# create customer
|
||||
@customer_with_org = User.create!(
|
||||
login: 'rest-customer2@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer2',
|
||||
email: 'rest-customer2@example.com',
|
||||
password: 'customer2pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
UserInfo.current_user_id = nil
|
||||
end
|
||||
|
||||
test '05.01 csv example - customer no access' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
get '/api/v1/text_modules/import_example', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
end
|
||||
|
||||
test '05.02 csv example - admin access' do
|
||||
TextModule.load('en-en')
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
get '/api/v1/text_modules/import_example', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
rows = CSV.parse(@response.body)
|
||||
header = rows.shift
|
||||
|
||||
assert_equal('id', header[0])
|
||||
assert_equal('name', header[1])
|
||||
assert_equal('keywords', header[2])
|
||||
assert_equal('content', header[3])
|
||||
assert_equal('note', header[4])
|
||||
assert_equal('active', header[5])
|
||||
assert_not(header.include?('organization'))
|
||||
assert_not(header.include?('priority'))
|
||||
assert_not(header.include?('state'))
|
||||
assert_not(header.include?('owner'))
|
||||
assert_not(header.include?('customer'))
|
||||
end
|
||||
|
||||
test '05.03 csv import - admin access' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
# invalid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple_col_not_existing.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/text_modules/import?try=true', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(true, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('failed', result['result'])
|
||||
assert_equal(2, result['errors'].count)
|
||||
assert_equal("Line 1: unknown attribute 'keywords2' for TextModule.", result['errors'][0])
|
||||
assert_equal("Line 2: unknown attribute 'keywords2' for TextModule.", result['errors'][1])
|
||||
|
||||
# valid file try
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/text_modules/import?try=true', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(true, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('success', result['result'])
|
||||
|
||||
assert_nil(TextModule.find_by(name: 'some name1'))
|
||||
assert_nil(TextModule.find_by(name: 'some name2'))
|
||||
|
||||
# valid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/text_modules/import', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(false, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('success', result['result'])
|
||||
|
||||
text_module1 = TextModule.find_by(name: 'some name1')
|
||||
assert(text_module1)
|
||||
assert_equal(text_module1.name, 'some name1')
|
||||
assert_equal(text_module1.keywords, 'keyword1')
|
||||
assert_equal(text_module1.content, 'some<br>content1')
|
||||
assert_equal(text_module1.active, true)
|
||||
text_module2 = TextModule.find_by(name: 'some name2')
|
||||
assert(text_module2)
|
||||
assert_equal(text_module2.name, 'some name2')
|
||||
assert_equal(text_module2.keywords, 'keyword2')
|
||||
assert_equal(text_module2.content, 'some content<br>test123')
|
||||
assert_equal(text_module2.active, true)
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,160 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
require 'rake'
|
||||
|
||||
class TextModulesControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'rest-admin',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'rest-agent@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'rest-customer1@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer1',
|
||||
email: 'rest-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
# create customer
|
||||
@customer_with_org = User.create!(
|
||||
login: 'rest-customer2@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer2',
|
||||
email: 'rest-customer2@example.com',
|
||||
password: 'customer2pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
UserInfo.current_user_id = nil
|
||||
end
|
||||
|
||||
test '05.01 csv example - customer no access' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
get '/api/v1/text_modules/import_example', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('Not authorized (user)!', result['error'])
|
||||
end
|
||||
|
||||
test '05.02 csv example - admin access' do
|
||||
TextModule.load('en-en')
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
get '/api/v1/text_modules/import_example', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
rows = CSV.parse(@response.body)
|
||||
header = rows.shift
|
||||
|
||||
assert_equal('id', header[0])
|
||||
assert_equal('name', header[1])
|
||||
assert_equal('keywords', header[2])
|
||||
assert_equal('content', header[3])
|
||||
assert_equal('note', header[4])
|
||||
assert_equal('active', header[5])
|
||||
assert_not(header.include?('organization'))
|
||||
assert_not(header.include?('priority'))
|
||||
assert_not(header.include?('state'))
|
||||
assert_not(header.include?('owner'))
|
||||
assert_not(header.include?('customer'))
|
||||
end
|
||||
|
||||
test '05.03 csv import - admin access' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
# invalid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple_col_not_existing.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/text_modules/import?try=true', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(true, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('failed', result['result'])
|
||||
assert_equal(2, result['errors'].count)
|
||||
assert_equal("Line 1: unknown attribute 'keywords2' for TextModule.", result['errors'][0])
|
||||
assert_equal("Line 2: unknown attribute 'keywords2' for TextModule.", result['errors'][1])
|
||||
|
||||
# valid file try
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/text_modules/import?try=true', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(true, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('success', result['result'])
|
||||
|
||||
assert_nil(TextModule.find_by(name: 'some name1'))
|
||||
assert_nil(TextModule.find_by(name: 'some name2'))
|
||||
|
||||
# valid file
|
||||
csv_file_path = Rails.root.join('test', 'data', 'csv', 'text_module_simple.csv')
|
||||
csv_file = ::Rack::Test::UploadedFile.new(csv_file_path, 'text/csv')
|
||||
post '/api/v1/text_modules/import', params: { file: csv_file, col_sep: ';' }, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
assert_equal(false, result['try'])
|
||||
assert_equal(2, result['records'].count)
|
||||
assert_equal('success', result['result'])
|
||||
|
||||
text_module1 = TextModule.find_by(name: 'some name1')
|
||||
assert(text_module1)
|
||||
assert_equal(text_module1.name, 'some name1')
|
||||
assert_equal(text_module1.keywords, 'keyword1')
|
||||
assert_equal(text_module1.content, 'some<br>content1')
|
||||
assert_equal(text_module1.active, true)
|
||||
text_module2 = TextModule.find_by(name: 'some name2')
|
||||
assert(text_module2)
|
||||
assert_equal(text_module2.name, 'some name2')
|
||||
assert_equal(text_module2.keywords, 'keyword2')
|
||||
assert_equal(text_module2.content, 'some content<br>test123')
|
||||
assert_equal(text_module2.active, true)
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,200 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class TicketArticleAttachmentsControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'tickets-admin',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Admin',
|
||||
email: 'tickets-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'tickets-agent@example.com',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Agent',
|
||||
email: 'tickets-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'tickets-customer1@example.com',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Customer1',
|
||||
email: 'tickets-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test '01.01 test attachment urls' do
|
||||
ticket1 = Ticket.create(
|
||||
title: 'attachment test 1',
|
||||
group: Group.lookup(name: 'Users'),
|
||||
customer_id: @customer_without_org.id,
|
||||
state: Ticket::State.lookup(name: 'new'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
article1 = Ticket::Article.create(
|
||||
ticket_id: ticket1.id,
|
||||
from: 'some_customer_com-1@example.com',
|
||||
to: 'some_zammad_com-1@example.com',
|
||||
subject: 'attachment test 1-1',
|
||||
message_id: 'some@id_com_1',
|
||||
body: 'some message 123',
|
||||
internal: false,
|
||||
sender: Ticket::Article::Sender.find_by(name: 'Customer'),
|
||||
type: Ticket::Article::Type.find_by(name: 'email'),
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
store1 = Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article1.id,
|
||||
data: 'some content',
|
||||
filename: 'some_file.txt',
|
||||
preferences: {
|
||||
'Content-Type' => 'text/plain',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
article2 = Ticket::Article.create(
|
||||
ticket_id: ticket1.id,
|
||||
from: 'some_customer_com-1@example.com',
|
||||
to: 'some_zammad_com-1@example.com',
|
||||
subject: 'attachment test 1-2',
|
||||
message_id: 'some@id_com_1',
|
||||
body: 'some message 123',
|
||||
internal: false,
|
||||
sender: Ticket::Article::Sender.find_by(name: 'Customer'),
|
||||
type: Ticket::Article::Type.find_by(name: 'email'),
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
get "/api/v1/ticket_attachment/#{ticket1.id}/#{article1.id}/#{store1.id}", params: {}, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
assert_equal('some content', @response.body)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
get "/api/v1/ticket_attachment/#{ticket1.id}/#{article2.id}/#{store1.id}", params: {}, headers: { 'Authorization' => credentials }
|
||||
assert_response(401)
|
||||
assert_match(/401: Unauthorized/, @response.body)
|
||||
|
||||
ticket2 = Ticket.create(
|
||||
title: 'attachment test 2',
|
||||
group: Group.lookup(name: 'Users'),
|
||||
customer_id: @customer_without_org.id,
|
||||
state: Ticket::State.lookup(name: 'new'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
ticket1.merge_to(
|
||||
ticket_id: ticket2.id,
|
||||
user_id: 1,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
get "/api/v1/ticket_attachment/#{ticket2.id}/#{article1.id}/#{store1.id}", params: {}, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
assert_equal('some content', @response.body)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
get "/api/v1/ticket_attachment/#{ticket2.id}/#{article2.id}/#{store1.id}", params: {}, headers: { 'Authorization' => credentials }
|
||||
assert_response(401)
|
||||
assert_match(/401: Unauthorized/, @response.body)
|
||||
|
||||
# allow access via merged ticket id also
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
get "/api/v1/ticket_attachment/#{ticket1.id}/#{article1.id}/#{store1.id}", params: {}, headers: { 'Authorization' => credentials }
|
||||
assert_response(200)
|
||||
assert_equal('some content', @response.body)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
get "/api/v1/ticket_attachment/#{ticket1.id}/#{article2.id}/#{store1.id}", params: {}, headers: { 'Authorization' => credentials }
|
||||
assert_response(401)
|
||||
assert_match(/401: Unauthorized/, @response.body)
|
||||
|
||||
end
|
||||
|
||||
test '01.02 test attachments for split' do
|
||||
headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
email_file_path = Rails.root.join('test', 'data', 'mail', 'mail024.box')
|
||||
email_raw_string = File.read(email_file_path)
|
||||
ticket_p, article_p, user_p = Channel::EmailParser.new.process({}, email_raw_string)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
get '/api/v1/ticket_split', params: { form_id: '1234-2', ticket_id: ticket_p.id, article_id: article_p.id }, headers: headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['assets'])
|
||||
assert_equal(result['attachments'].class, Array)
|
||||
assert_equal(result['attachments'].count, 1)
|
||||
assert_equal(result['attachments'][0]['filename'], 'rulesets-report.csv')
|
||||
|
||||
end
|
||||
|
||||
test '01.03 test attachments for forward' do
|
||||
headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
email_file_path = Rails.root.join('test', 'data', 'mail', 'mail008.box')
|
||||
email_raw_string = File.read(email_file_path)
|
||||
ticket_p, article_p, user_p = Channel::EmailParser.new.process({}, email_raw_string)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article_p.id}", params: {}, headers: headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'], 'Need form_id to attach attachments to new form')
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article_p.id}", params: { form_id: '1234-1' }.to_json, headers: headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result['attachments'].class, Array)
|
||||
assert(result['attachments'].blank?)
|
||||
|
||||
email_file_path = Rails.root.join('test', 'data', 'mail', 'mail024.box')
|
||||
email_raw_string = File.read(email_file_path)
|
||||
ticket_p, article_p, user_p = Channel::EmailParser.new.process({}, email_raw_string)
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article_p.id}", params: { form_id: '1234-2' }.to_json, headers: headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result['attachments'].class, Array)
|
||||
assert_equal(result['attachments'].count, 1)
|
||||
assert_equal(result['attachments'][0]['filename'], 'rulesets-report.csv')
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article_p.id}", params: { form_id: '1234-2' }.to_json, headers: headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result['attachments'].class, Array)
|
||||
assert(result['attachments'].blank?)
|
||||
end
|
||||
|
||||
end
|
|
@ -1,559 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class TicketArticlesControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'tickets-admin',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Admin',
|
||||
email: 'tickets-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'tickets-agent@example.com',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Agent',
|
||||
email: 'tickets-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'tickets-customer1@example.com',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Customer1',
|
||||
email: 'tickets-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
test '01.01 ticket create with agent and articles' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #1',
|
||||
group: 'Users',
|
||||
customer_id: @customer_without_org.id,
|
||||
article: {
|
||||
body: 'some body',
|
||||
}
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
|
||||
params = {
|
||||
ticket_id: result['id'],
|
||||
content_type: 'text/plain', # or text/html
|
||||
body: 'some body',
|
||||
type: 'note',
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_nil(result['subject'])
|
||||
assert_equal('some body', result['body'])
|
||||
assert_equal('text/plain', result['content_type'])
|
||||
assert_equal(@agent.id, result['updated_by_id'])
|
||||
assert_equal(@agent.id, result['created_by_id'])
|
||||
|
||||
ticket = Ticket.find(result['ticket_id'])
|
||||
assert_equal(2, ticket.articles.count)
|
||||
assert_equal(0, ticket.articles[0].attachments.count)
|
||||
assert_equal(0, ticket.articles[1].attachments.count)
|
||||
|
||||
params = {
|
||||
ticket_id: result['ticket_id'],
|
||||
content_type: 'text/html', # or text/html
|
||||
body: 'some body <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUA
|
||||
AAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38GIAXDIBKE0DHxgljNBAAO
|
||||
9TXL0Y4OHwAAAABJRU5ErkJggg==" alt="Red dot" />',
|
||||
type: 'note',
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_nil(result['subject'])
|
||||
assert_no_match(/some body <img src="cid:.+?/, result['body'])
|
||||
assert_match(%r{some body <img src="/api/v1/ticket_attachment/.+?" alt="Red dot"}, result['body'])
|
||||
assert_equal('text/html', result['content_type'])
|
||||
assert_equal(@agent.id, result['updated_by_id'])
|
||||
assert_equal(@agent.id, result['created_by_id'])
|
||||
|
||||
assert_equal(3, ticket.articles.count)
|
||||
assert_equal(0, ticket.articles[0].attachments.count)
|
||||
assert_equal(0, ticket.articles[1].attachments.count)
|
||||
assert_equal(1, ticket.articles[2].attachments.count)
|
||||
assert(ticket.articles[2].attachments[0]['id'])
|
||||
assert_equal('image1.png', ticket.articles[2].attachments[0]['filename'])
|
||||
assert_equal('21', ticket.articles[2].attachments[0]['size'])
|
||||
assert_equal('image/png', ticket.articles[2].attachments[0]['preferences']['Mime-Type'])
|
||||
assert_equal('inline', ticket.articles[2].attachments[0]['preferences']['Content-Disposition'])
|
||||
assert_match(/@zammad.example.com/, ticket.articles[2].attachments[0]['preferences']['Content-ID'])
|
||||
|
||||
params = {
|
||||
ticket_id: result['ticket_id'],
|
||||
content_type: 'text/html', # or text/html
|
||||
body: 'some body',
|
||||
type: 'note',
|
||||
attachments: [
|
||||
'filename' => 'some_file.txt',
|
||||
'data' => 'dGVzdCAxMjM=',
|
||||
'mime-type' => 'text/plain',
|
||||
],
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_nil(result['subject'])
|
||||
assert_equal('some body', result['body'])
|
||||
assert_equal('text/html', result['content_type'])
|
||||
assert_equal(@agent.id, result['updated_by_id'])
|
||||
assert_equal(@agent.id, result['created_by_id'])
|
||||
|
||||
assert_equal(4, ticket.articles.count)
|
||||
assert_equal(0, ticket.articles[0].attachments.count)
|
||||
assert_equal(0, ticket.articles[1].attachments.count)
|
||||
assert_equal(1, ticket.articles[2].attachments.count)
|
||||
assert_equal(1, ticket.articles[3].attachments.count)
|
||||
|
||||
get "/api/v1/ticket_articles/#{result['id']}?expand=true", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(1, result['attachments'].count)
|
||||
assert(result['attachments'][0]['id'])
|
||||
assert_equal('some_file.txt', result['attachments'][0]['filename'])
|
||||
assert_equal('8', result['attachments'][0]['size'])
|
||||
assert_equal('text/plain', result['attachments'][0]['preferences']['Mime-Type'])
|
||||
|
||||
params = {
|
||||
ticket_id: result['ticket_id'],
|
||||
content_type: 'text/plain',
|
||||
body: 'some body',
|
||||
type: 'note',
|
||||
preferences: {
|
||||
some_key1: 123,
|
||||
},
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_nil(result['subject'])
|
||||
assert_equal('some body', result['body'])
|
||||
assert_equal('text/plain', result['content_type'])
|
||||
assert_equal(@agent.id, result['updated_by_id'])
|
||||
assert_equal(@agent.id, result['created_by_id'])
|
||||
assert_equal(123, result['preferences']['some_key1'])
|
||||
assert_equal(5, ticket.articles.count)
|
||||
|
||||
params = {
|
||||
body: 'some body 2',
|
||||
preferences: {
|
||||
some_key2: 'abc',
|
||||
},
|
||||
}
|
||||
put "/api/v1/ticket_articles/#{result['id']}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_nil(result['subject'])
|
||||
assert_equal('some body 2', result['body'])
|
||||
assert_equal('text/plain', result['content_type'])
|
||||
assert_equal(@agent.id, result['updated_by_id'])
|
||||
assert_equal(@agent.id, result['created_by_id'])
|
||||
assert_equal(123, result['preferences']['some_key1'])
|
||||
assert_equal('abc', result['preferences']['some_key2'])
|
||||
|
||||
end
|
||||
|
||||
test '02.01 ticket create with customer and articles' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-customer1@example.com', 'customer1pw')
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #2',
|
||||
group: 'Users',
|
||||
article: {
|
||||
body: 'some body',
|
||||
}
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
|
||||
params = {
|
||||
ticket_id: result['id'],
|
||||
content_type: 'text/plain', # or text/html
|
||||
body: 'some body',
|
||||
type: 'note',
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_nil(result['subject'])
|
||||
assert_equal('some body', result['body'])
|
||||
assert_equal('text/plain', result['content_type'])
|
||||
assert_equal(@customer_without_org.id, result['updated_by_id'])
|
||||
assert_equal(@customer_without_org.id, result['created_by_id'])
|
||||
|
||||
ticket = Ticket.find(result['ticket_id'])
|
||||
assert_equal(2, ticket.articles.count)
|
||||
assert_equal('Customer', ticket.articles[1].sender.name)
|
||||
assert_equal(0, ticket.articles[0].attachments.count)
|
||||
assert_equal(0, ticket.articles[1].attachments.count)
|
||||
|
||||
params = {
|
||||
ticket_id: result['ticket_id'],
|
||||
content_type: 'text/plain', # or text/html
|
||||
body: 'some body',
|
||||
sender: 'Agent',
|
||||
type: 'note',
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_nil(result['subject'])
|
||||
assert_equal('some body', result['body'])
|
||||
assert_equal('text/plain', result['content_type'])
|
||||
assert_equal(@customer_without_org.id, result['updated_by_id'])
|
||||
assert_equal(@customer_without_org.id, result['created_by_id'])
|
||||
|
||||
ticket = Ticket.find(result['ticket_id'])
|
||||
assert_equal(3, ticket.articles.count)
|
||||
assert_equal('Customer', ticket.articles[2].sender.name)
|
||||
assert_equal(false, ticket.articles[2].internal)
|
||||
assert_equal(0, ticket.articles[0].attachments.count)
|
||||
assert_equal(0, ticket.articles[1].attachments.count)
|
||||
assert_equal(0, ticket.articles[2].attachments.count)
|
||||
|
||||
params = {
|
||||
ticket_id: result['ticket_id'],
|
||||
content_type: 'text/plain', # or text/html
|
||||
body: 'some body 2',
|
||||
sender: 'Agent',
|
||||
type: 'note',
|
||||
internal: true,
|
||||
}
|
||||
post '/api/v1/ticket_articles', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_nil(result['subject'])
|
||||
assert_equal('some body 2', result['body'])
|
||||
assert_equal('text/plain', result['content_type'])
|
||||
assert_equal(@customer_without_org.id, result['updated_by_id'])
|
||||
assert_equal(@customer_without_org.id, result['created_by_id'])
|
||||
|
||||
ticket = Ticket.find(result['ticket_id'])
|
||||
assert_equal(4, ticket.articles.count)
|
||||
assert_equal('Customer', ticket.articles[3].sender.name)
|
||||
assert_equal(false, ticket.articles[3].internal)
|
||||
assert_equal(0, ticket.articles[0].attachments.count)
|
||||
assert_equal(0, ticket.articles[1].attachments.count)
|
||||
assert_equal(0, ticket.articles[2].attachments.count)
|
||||
assert_equal(0, ticket.articles[3].attachments.count)
|
||||
|
||||
# add internal article
|
||||
article = Ticket::Article.create!(
|
||||
ticket_id: ticket.id,
|
||||
from: 'some_sender@example.com',
|
||||
to: 'some_recipient@example.com',
|
||||
subject: 'some subject',
|
||||
message_id: 'some@id',
|
||||
body: 'some message 123',
|
||||
internal: true,
|
||||
sender: Ticket::Article::Sender.find_by(name: 'Agent'),
|
||||
type: Ticket::Article::Type.find_by(name: 'note'),
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
assert_equal(5, ticket.articles.count)
|
||||
assert_equal('Agent', ticket.articles[4].sender.name)
|
||||
assert_equal(1, ticket.articles[4].updated_by_id)
|
||||
assert_equal(1, ticket.articles[4].created_by_id)
|
||||
assert_equal(0, ticket.articles[0].attachments.count)
|
||||
assert_equal(0, ticket.articles[1].attachments.count)
|
||||
assert_equal(0, ticket.articles[2].attachments.count)
|
||||
assert_equal(0, ticket.articles[3].attachments.count)
|
||||
assert_equal(0, ticket.articles[4].attachments.count)
|
||||
|
||||
get "/api/v1/ticket_articles/#{article.id}", params: {}.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Not authorized', result['error'])
|
||||
|
||||
put "/api/v1/ticket_articles/#{article.id}", params: { internal: false }.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('Not authorized', result['error'])
|
||||
|
||||
end
|
||||
|
||||
test '03.01 create phone ticket for customer and expected origin_by_id' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #1',
|
||||
group: 'Users',
|
||||
customer_id: @customer_without_org.id,
|
||||
article: {
|
||||
body: 'some body',
|
||||
sender: 'Customer',
|
||||
type: 'phone',
|
||||
}
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal('a new ticket #1', result['title'])
|
||||
|
||||
article = Ticket::Article.find_by(ticket_id: result['id'])
|
||||
assert_equal(@customer_without_org.id, article.origin_by_id)
|
||||
assert_equal('Tickets Customer1 <tickets-customer1@example.com>', article.from)
|
||||
end
|
||||
|
||||
test '03.02 create phone ticket by customer and manipulate origin_by_id' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-customer1@example.com', 'customer1pw')
|
||||
|
||||
params = {
|
||||
title: 'a new ticket #1',
|
||||
group: 'Users',
|
||||
customer_id: @customer_without_org.id,
|
||||
article: {
|
||||
body: 'some body',
|
||||
sender: 'Customer',
|
||||
type: 'phone',
|
||||
origin_by_id: 1,
|
||||
}
|
||||
}
|
||||
post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
|
||||
article = Ticket::Article.find_by(ticket_id: result['id'])
|
||||
assert_equal(@customer_without_org.id, article.origin_by_id)
|
||||
end
|
||||
|
||||
test '04.01 ticket split with html - check attachments' do
|
||||
ticket = Ticket.create!(
|
||||
title: 'some title',
|
||||
group: Group.lookup(name: 'Users'),
|
||||
customer_id: @customer_without_org.id,
|
||||
state: Ticket::State.lookup(name: 'new'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
updated_by_id: @agent.id,
|
||||
created_by_id: @agent.id,
|
||||
)
|
||||
article = Ticket::Article.create!(
|
||||
type: Ticket::Article::Type.lookup(name: 'note'),
|
||||
sender: Ticket::Article::Sender.lookup(name: 'Customer'),
|
||||
from: 'sender',
|
||||
subject: 'subject',
|
||||
body: '<b>test</b> <img src="cid:15.274327094.140938@ZAMMAD.example.com"/> test <img src="cid:15.274327094.140938.3@ZAMMAD.example.com"/>',
|
||||
content_type: 'text/html',
|
||||
ticket_id: ticket.id,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_image',
|
||||
filename: 'some_file1.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938@zammad.example.com',
|
||||
'Content-Disposition' => 'inline',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file2_normally_should_be_an_image',
|
||||
filename: 'some_file2.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938.2@zammad.example.com',
|
||||
'Content-Disposition' => 'inline',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file3_normally_should_be_an_image',
|
||||
filename: 'some_file3.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938.3@zammad.example.com',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file4_normally_should_be_an_image',
|
||||
filename: 'some_file4.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938.4@zammad.example.com',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_pdf',
|
||||
filename: 'Rechnung_RE-2018-200.pdf',
|
||||
preferences: {
|
||||
'Content-Type' => 'application/octet-stream; name="Rechnung_RE-2018-200.pdf"',
|
||||
'Mime-Type' => 'application/octet-stream',
|
||||
'Content-ID' => '8AB0BEC88984EE4EBEF643C79C8E0346@zammad.example.com',
|
||||
'Content-Description' => 'Rechnung_RE-2018-200.pdf',
|
||||
'Content-Disposition' => 'attachment',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
|
||||
params = {
|
||||
form_id: 'new_form_id123',
|
||||
}
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result['attachments'])
|
||||
assert_equal(result['attachments'].count, 3)
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result['attachments'])
|
||||
assert_equal(result['attachments'].count, 0)
|
||||
end
|
||||
|
||||
test '04.02 ticket split with plain - check attachments' do
|
||||
ticket = Ticket.create!(
|
||||
title: 'some title',
|
||||
group: Group.lookup(name: 'Users'),
|
||||
customer_id: @customer_without_org.id,
|
||||
state: Ticket::State.lookup(name: 'new'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
updated_by_id: @agent.id,
|
||||
created_by_id: @agent.id,
|
||||
)
|
||||
article = Ticket::Article.create!(
|
||||
type: Ticket::Article::Type.lookup(name: 'note'),
|
||||
sender: Ticket::Article::Sender.lookup(name: 'Customer'),
|
||||
from: 'sender',
|
||||
subject: 'subject',
|
||||
body: '<b>test</b> <img src="cid:15.274327094.140938@zammad.example.com"/>',
|
||||
content_type: 'text/plain',
|
||||
ticket_id: ticket.id,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_image',
|
||||
filename: 'some_file1.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938@zammad.example.com',
|
||||
'Content-Disposition' => 'inline',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_image',
|
||||
filename: 'some_file2.jpg',
|
||||
preferences: {
|
||||
'Content-Type' => 'image/jpeg',
|
||||
'Mime-Type' => 'image/jpeg',
|
||||
'Content-ID' => '15.274327094.140938.2@zammad.example.com',
|
||||
'Content-Disposition' => 'inline',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
Store.add(
|
||||
object: 'Ticket::Article',
|
||||
o_id: article.id,
|
||||
data: 'content_file1_normally_should_be_an_pdf',
|
||||
filename: 'Rechnung_RE-2018-200.pdf',
|
||||
preferences: {
|
||||
'Content-Type' => 'application/octet-stream; name="Rechnung_RE-2018-200.pdf"',
|
||||
'Mime-Type' => 'application/octet-stream',
|
||||
'Content-ID' => '8AB0BEC88984EE4EBEF643C79C8E0346@zammad.example.com',
|
||||
'Content-Description' => 'Rechnung_RE-2018-200.pdf',
|
||||
'Content-Disposition' => 'attachment',
|
||||
},
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
|
||||
params = {
|
||||
form_id: 'new_form_id123',
|
||||
}
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result['attachments'])
|
||||
assert_equal(result['attachments'].count, 3)
|
||||
|
||||
post "/api/v1/ticket_attachment_upload_clone_by_article/#{article.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert(result['attachments'])
|
||||
assert_equal(result['attachments'].count, 0)
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -1,190 +0,0 @@
|
|||
|
||||
require 'test_helper'
|
||||
|
||||
class TicketsControllerEscalationTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
@admin = User.create!(
|
||||
login: 'tickets-admin',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Admin',
|
||||
email: 'tickets-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'tickets-agent@example.com',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Agent',
|
||||
email: 'tickets-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'tickets-customer1@example.com',
|
||||
firstname: 'Tickets',
|
||||
lastname: 'Customer1',
|
||||
email: 'tickets-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
@calendar = Calendar.create!(
|
||||
name: 'Escalation Test',
|
||||
timezone: 'Europe/Berlin',
|
||||
business_hours: {
|
||||
mon: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
tue: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
wed: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
thu: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
fri: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
sat: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
sun: {
|
||||
active: true,
|
||||
timeframes: [ ['00:00', '23:59'] ]
|
||||
},
|
||||
},
|
||||
default: true,
|
||||
ical_url: nil,
|
||||
)
|
||||
|
||||
@sla = Sla.create!(
|
||||
name: 'test sla 1',
|
||||
condition: {
|
||||
'ticket.title' => {
|
||||
operator: 'contains',
|
||||
value: 'some value 123',
|
||||
},
|
||||
},
|
||||
first_response_time: 60,
|
||||
update_time: 180,
|
||||
solution_time: 240,
|
||||
calendar_id: @calendar.id,
|
||||
)
|
||||
|
||||
UserInfo.current_user_id = nil
|
||||
|
||||
end
|
||||
|
||||
test '01.01 ticket created via web' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-customer1@example.com', 'customer1pw')
|
||||
params = {
|
||||
title: 'some value 123',
|
||||
group: 'Users',
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
},
|
||||
}
|
||||
|
||||
post '/api/v1/tickets', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(Ticket::State.lookup(name: 'new').id, result['state_id'])
|
||||
assert_equal('some value 123', result['title'])
|
||||
assert_equal(@customer_without_org.id, result['updated_by_id'])
|
||||
assert_equal(@customer_without_org.id, result['created_by_id'])
|
||||
|
||||
ticket_p = Ticket.find(result['id'])
|
||||
|
||||
assert_equal(ticket_p['escalation_at'].iso8601, result['escalation_at'].sub(/.\d\d\dZ$/, 'Z'))
|
||||
assert_equal(ticket_p['first_response_escalation_at'].iso8601, result['first_response_escalation_at'].sub(/.\d\d\dZ$/, 'Z'))
|
||||
assert_equal(ticket_p['update_escalation_at'].iso8601, result['update_escalation_at'].sub(/.\d\d\dZ$/, 'Z'))
|
||||
assert_equal(ticket_p['close_escalation_at'].iso8601, result['close_escalation_at'].sub(/.\d\d\dZ$/, 'Z'))
|
||||
|
||||
assert(ticket_p.escalation_at)
|
||||
assert_in_delta(ticket_p.first_response_escalation_at.to_i, (ticket_p.created_at + 1.hour).to_i, 90)
|
||||
assert_in_delta(ticket_p.update_escalation_at.to_i, (ticket_p.created_at + 3.hours).to_i, 90)
|
||||
assert_in_delta(ticket_p.close_escalation_at.to_i, (ticket_p.created_at + 4.hours).to_i, 90)
|
||||
assert_in_delta(ticket_p.escalation_at.to_i, (ticket_p.created_at + 1.hour).to_i, 90)
|
||||
end
|
||||
|
||||
test '01.02 ticket got created via email - reply by agent via web' do
|
||||
|
||||
email = "From: Bob Smith <customer@example.com>
|
||||
To: zammad@example.com
|
||||
Subject: some value 123
|
||||
|
||||
Some Text"
|
||||
|
||||
ticket_p, article_p, user_p, mail = Channel::EmailParser.new.process({}, email)
|
||||
ticket_p.reload
|
||||
assert(ticket_p.escalation_at)
|
||||
assert_in_delta(ticket_p.first_response_escalation_at.to_i, (ticket_p.created_at + 1.hour).to_i, 90)
|
||||
assert_in_delta(ticket_p.update_escalation_at.to_i, (ticket_p.created_at + 3.hours).to_i, 90)
|
||||
assert_in_delta(ticket_p.close_escalation_at.to_i, (ticket_p.created_at + 4.hours).to_i, 90)
|
||||
assert_in_delta(ticket_p.escalation_at.to_i, (ticket_p.created_at + 1.hour).to_i, 90)
|
||||
|
||||
travel 3.hours
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('tickets-agent@example.com', 'agentpw')
|
||||
params = {
|
||||
title: 'some value 123 - update',
|
||||
article: {
|
||||
body: 'some test 123',
|
||||
type: 'email',
|
||||
to: 'customer@example.com',
|
||||
},
|
||||
}
|
||||
put "/api/v1/tickets/#{ticket_p.id}", params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Hash, result.class)
|
||||
assert_equal(Ticket::State.lookup(name: 'open').id, result['state_id'])
|
||||
assert_equal('some value 123 - update', result['title'])
|
||||
assert_equal(@agent.id, result['updated_by_id'])
|
||||
assert_equal(user_p.id, result['created_by_id'])
|
||||
|
||||
ticket_p.reload
|
||||
assert_equal(ticket_p['escalation_at'].iso8601, result['escalation_at'].sub(/.\d\d\dZ$/, 'Z'))
|
||||
assert_equal(ticket_p['first_response_escalation_at'].iso8601, result['first_response_escalation_at'].sub(/.\d\d\dZ$/, 'Z'))
|
||||
assert_equal(ticket_p['update_escalation_at'].iso8601, result['update_escalation_at'].sub(/.\d\d\dZ$/, 'Z'))
|
||||
assert_equal(ticket_p['close_escalation_at'].iso8601, result['close_escalation_at'].sub(/.\d\d\dZ$/, 'Z'))
|
||||
|
||||
assert_in_delta(ticket_p.first_response_escalation_at.to_i, (ticket_p.created_at + 1.hour).to_i, 90)
|
||||
assert_in_delta(ticket_p.update_escalation_at.to_i, (ticket_p.last_contact_agent_at + 3.hours).to_i, 90)
|
||||
assert_in_delta(ticket_p.close_escalation_at.to_i, (ticket_p.created_at + 4.hours).to_i, 90)
|
||||
assert_in_delta(ticket_p.escalation_at.to_i, (ticket_p.created_at + 4.hours).to_i, 90)
|
||||
|
||||
end
|
||||
|
||||
end
|
File diff suppressed because it is too large
Load diff
|
@ -1,88 +0,0 @@
|
|||
require 'test_helper'
|
||||
require 'rake'
|
||||
|
||||
class TimeAccountingControllerTest < ActionDispatch::IntegrationTest
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
roles = Role.where(name: 'Admin')
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
@year = DateTime.now.utc.year
|
||||
@month = DateTime.now.utc.month
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'rest-admin',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1
|
||||
)
|
||||
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'rest-customer1@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer1',
|
||||
email: 'rest-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1
|
||||
)
|
||||
end
|
||||
|
||||
test '01.01 time account report' do
|
||||
group = Group.create!(
|
||||
name: "GroupWithoutPermission-#{rand(9_999_999_999)}",
|
||||
active: true,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
ticket = Ticket.create!(
|
||||
title: 'ticket for report',
|
||||
group_id: group.id,
|
||||
customer_id: @customer_without_org.id,
|
||||
state: Ticket::State.lookup(name: 'open'),
|
||||
priority: Ticket::Priority.lookup(name: '2 normal'),
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
article = Ticket::Article.create!(
|
||||
type: Ticket::Article::Type.lookup(name: 'note'),
|
||||
sender: Ticket::Article::Sender.lookup(name: 'Customer'),
|
||||
from: 'sender',
|
||||
subject: 'subject',
|
||||
body: 'some body',
|
||||
ticket_id: ticket.id,
|
||||
updated_by_id: 1,
|
||||
created_by_id: 1,
|
||||
)
|
||||
|
||||
Ticket::TimeAccounting.create!(
|
||||
ticket_id: ticket.id,
|
||||
ticket_article_id: article.id,
|
||||
time_unit: 200,
|
||||
)
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
get "/api/v1/time_accounting/log/by_ticket/#{@year}/#{@month}?download=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
|
||||
assert_response(200)
|
||||
assert(@response['Content-Disposition'])
|
||||
assert_equal("attachment; filename=\"by_ticket-#{@year}-#{@month}.xls\"", @response['Content-Disposition'])
|
||||
assert_equal('application/vnd.ms-excel', @response['Content-Type'])
|
||||
end
|
||||
end
|
File diff suppressed because it is too large
Load diff
|
@ -1,773 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
|
||||
include SearchindexHelper
|
||||
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
@backup_admin = User.create!(
|
||||
login: 'backup-admin',
|
||||
firstname: 'Backup',
|
||||
lastname: 'Agent',
|
||||
email: 'backup-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'rest-admin',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'rest-agent@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'rest-customer1@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer1',
|
||||
email: 'rest-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
# create orgs
|
||||
@organization = Organization.create!(
|
||||
name: 'Rest Org',
|
||||
note: 'Rest Org A',
|
||||
)
|
||||
@organization2 = Organization.create!(
|
||||
name: 'Rest Org #2',
|
||||
note: 'Rest Org B',
|
||||
)
|
||||
@organization3 = Organization.create!(
|
||||
name: 'Rest Org #3',
|
||||
note: 'Rest Org C',
|
||||
)
|
||||
|
||||
# create customer with org
|
||||
@customer_with_org = User.create!(
|
||||
login: 'rest-customer2@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer2',
|
||||
email: 'rest-customer2@example.com',
|
||||
password: 'customer2pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
organization_id: @organization.id,
|
||||
)
|
||||
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
end
|
||||
|
||||
test 'user create tests - no user' do
|
||||
|
||||
post '/api/v1/signshow', params: {}, headers: @headers
|
||||
|
||||
# create user with disabled feature
|
||||
Setting.set('user_create_account', false)
|
||||
token = @response.headers['CSRF-TOKEN']
|
||||
|
||||
# token based on form
|
||||
params = { email: 'some_new_customer@example.com', authenticity_token: token }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Feature not enabled!', result['error'])
|
||||
|
||||
# token based on headers
|
||||
headers = @headers.merge('X-CSRF-Token' => token)
|
||||
params = { email: 'some_new_customer@example.com' }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Feature not enabled!', result['error'])
|
||||
|
||||
Setting.set('user_create_account', true)
|
||||
|
||||
# no signup param with enabled feature
|
||||
params = { email: 'some_new_customer@example.com' }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Only signup with not authenticate user possible!', result['error'])
|
||||
|
||||
# already existing user with enabled feature
|
||||
params = { email: 'rest-customer1@example.com', signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Email address is already used for other user.', result['error'])
|
||||
|
||||
# email missing with enabled feature
|
||||
params = { firstname: 'some firstname', signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Attribute \'email\' required!', result['error'])
|
||||
|
||||
# email missing with enabled feature
|
||||
params = { firstname: 'some firstname', signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Attribute \'email\' required!', result['error'])
|
||||
|
||||
# create user with enabled feature (take customer role)
|
||||
params = { firstname: 'Me First', lastname: 'Me Last', email: 'new_here@example.com', signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
|
||||
assert_equal('Me First', result['firstname'])
|
||||
assert_equal('Me Last', result['lastname'])
|
||||
assert_equal('new_here@example.com', result['login'])
|
||||
assert_equal('new_here@example.com', result['email'])
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
|
||||
# create user with admin role (not allowed for signup, take customer role)
|
||||
role = Role.lookup(name: 'Admin')
|
||||
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin@example.com', role_ids: [ role.id ], signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
|
||||
# create user with agent role (not allowed for signup, take customer role)
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent@example.com', role_ids: [ role.id ], signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
|
||||
# no user (because of no session)
|
||||
get '/api/v1/users', params: {}, headers: headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'auth tests - not existing user' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('not_existing@example.com', 'adminpw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'auth tests - username auth, wrong pw' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin', 'not_existing')
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'auth tests - email auth, wrong pw' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'not_existing')
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'auth tests - username auth' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin', 'adminpw')
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
end
|
||||
|
||||
test 'auth tests - email auth' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
end
|
||||
|
||||
test 'user index and create with admin' do
|
||||
|
||||
# email auth
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result['email'], 'rest-admin@example.com')
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result.class, Array)
|
||||
assert(result.length >= 3)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/users/#{@agent.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['email'], 'rest-agent@example.com')
|
||||
|
||||
get "/api/v1/users/#{@customer_without_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['email'], 'rest-customer1@example.com')
|
||||
|
||||
# create user with admin role
|
||||
role = Role.lookup(name: 'Admin')
|
||||
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin_by_admin@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert_not(user.role?('Customer'))
|
||||
assert_equal('new_admin_by_admin@example.com', result['login'])
|
||||
assert_equal('new_admin_by_admin@example.com', result['email'])
|
||||
|
||||
# create user with agent role
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_admin1@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert(user.role?('Agent'))
|
||||
assert_not(user.role?('Customer'))
|
||||
assert_equal('new_agent_by_admin1@example.com', result['login'])
|
||||
assert_equal('new_agent_by_admin1@example.com', result['email'])
|
||||
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', email: 'new_agent_by_admin2@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert(user.role?('Agent'))
|
||||
assert_not(user.role?('Customer'))
|
||||
assert_equal('new_agent_by_admin2@example.com', result['login'])
|
||||
assert_equal('new_agent_by_admin2@example.com', result['email'])
|
||||
assert_equal('Agent', result['firstname'])
|
||||
assert_equal('First', result['lastname'])
|
||||
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', email: 'new_agent_by_admin2@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal('Email address is already used for other user.', result['error'])
|
||||
|
||||
# missing required attributes
|
||||
params = { note: 'some note' }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal('Minimum one identifier (login, firstname, lastname, phone or email) for user is required.', result['error'])
|
||||
|
||||
# invalid email
|
||||
params = { firstname: 'newfirstname123', email: 'some_what', note: 'some note' }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal('Invalid email', result['error'])
|
||||
|
||||
# with valid attributes
|
||||
params = { firstname: 'newfirstname123', note: 'some note' }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
assert(result['login'].start_with?('auto-'))
|
||||
assert_equal('', result['email'])
|
||||
assert_equal('newfirstname123', result['firstname'])
|
||||
assert_equal('', result['lastname'])
|
||||
end
|
||||
|
||||
test 'user index and create with agent' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-agent@example.com', 'agentpw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result['email'], 'rest-agent@example.com')
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result.class, Array)
|
||||
assert(result.length >= 3)
|
||||
|
||||
get '/api/v1/users?limit=40&page=1&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
users = User.order(:id).limit(2)
|
||||
assert_equal(users[0].id, result[0]['id'])
|
||||
assert_equal(users[1].id, result[1]['id'])
|
||||
assert_equal(2, result.count)
|
||||
|
||||
get '/api/v1/users?limit=40&page=2&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
users = User.order(:id).limit(4)
|
||||
assert_equal(users[2].id, result[0]['id'])
|
||||
assert_equal(users[3].id, result[1]['id'])
|
||||
assert_equal(2, result.count)
|
||||
|
||||
# create user with admin role
|
||||
firstname = "First test#{rand(999_999_999)}"
|
||||
role = Role.lookup(name: 'Admin')
|
||||
params = { firstname: "Admin#{firstname}", lastname: 'Admin Last', email: 'new_admin_by_agent@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result_user1 = JSON.parse(@response.body)
|
||||
assert(result_user1)
|
||||
user = User.find(result_user1['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
assert_equal('new_admin_by_agent@example.com', result_user1['login'])
|
||||
assert_equal('new_admin_by_agent@example.com', result_user1['email'])
|
||||
|
||||
# create user with agent role
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: "Agent#{firstname}", lastname: 'Agent Last', email: 'new_agent_by_agent@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result_user1 = JSON.parse(@response.body)
|
||||
assert(result_user1)
|
||||
user = User.find(result_user1['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
assert_equal('new_agent_by_agent@example.com', result_user1['login'])
|
||||
assert_equal('new_agent_by_agent@example.com', result_user1['email'])
|
||||
|
||||
# create user with customer role
|
||||
role = Role.lookup(name: 'Customer')
|
||||
params = { firstname: "Customer#{firstname}", lastname: 'Customer Last', email: 'new_customer_by_agent@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result_user1 = JSON.parse(@response.body)
|
||||
assert(result_user1)
|
||||
user = User.find(result_user1['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
assert_equal('new_customer_by_agent@example.com', result_user1['login'])
|
||||
assert_equal('new_customer_by_agent@example.com', result_user1['email'])
|
||||
|
||||
# search as agent
|
||||
Scheduler.worker(true)
|
||||
sleep 2 # let es time to come ready
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname}", result[0]['firstname'])
|
||||
assert_equal('Customer Last', result[0]['lastname'])
|
||||
assert(result[0]['role_ids'])
|
||||
assert_not(result[0]['roles'])
|
||||
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&expand=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname}", result[0]['firstname'])
|
||||
assert_equal('Customer Last', result[0]['lastname'])
|
||||
assert(result[0]['role_ids'])
|
||||
assert(result[0]['roles'])
|
||||
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['label'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['value'])
|
||||
assert_not(result[0]['role_ids'])
|
||||
assert_not(result[0]['roles'])
|
||||
|
||||
role = Role.find_by(name: 'Agent')
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&role_ids=#{role.id}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(0, result.count)
|
||||
|
||||
role = Role.find_by(name: 'Customer')
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&role_ids=#{role.id}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['label'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['value'])
|
||||
assert_not(result[0]['role_ids'])
|
||||
assert_not(result[0]['roles'])
|
||||
|
||||
permission = Permission.find_by(name: 'ticket.agent')
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&permissions=#{permission.name}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(0, result.count)
|
||||
|
||||
permission = Permission.find_by(name: 'ticket.customer')
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&permissions=#{permission.name}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['label'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['value'])
|
||||
assert_not(result[0]['role_ids'])
|
||||
assert_not(result[0]['roles'])
|
||||
end
|
||||
|
||||
test 'user index and create with customer1' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result['email'], 'rest-customer1@example.com')
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/users/#{@customer_without_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['email'], 'rest-customer1@example.com')
|
||||
|
||||
get "/api/v1/users/#{@customer_with_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'])
|
||||
|
||||
# create user with admin role
|
||||
role = Role.lookup(name: 'Admin')
|
||||
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin_by_customer1@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
|
||||
# create user with agent role
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_customer1@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/users/search?query=#{CGI.escape('First')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'user index with customer2' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result['email'], 'rest-customer2@example.com')
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/users/#{@customer_with_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['email'], 'rest-customer2@example.com')
|
||||
|
||||
get "/api/v1/users/#{@customer_without_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/users/search?query=#{CGI.escape('First')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'organization index with agent' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-agent@example.com', 'agentpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result[0]['member_ids'].class, Array)
|
||||
assert(result.length >= 3)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=1&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
organizations = Organization.order(:id).limit(2)
|
||||
assert_equal(organizations[0].id, result[0]['id'])
|
||||
assert_equal(organizations[0].member_ids, result[0]['member_ids'])
|
||||
assert_equal(organizations[1].id, result[1]['id'])
|
||||
assert_equal(organizations[1].member_ids, result[1]['member_ids'])
|
||||
assert_equal(2, result.count)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=2&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
organizations = Organization.order(:id).limit(4)
|
||||
assert_equal(organizations[2].id, result[0]['id'])
|
||||
assert_equal(organizations[2].member_ids, result[0]['member_ids'])
|
||||
assert_equal(organizations[3].id, result[1]['id'])
|
||||
assert_equal(organizations[3].member_ids, result[1]['member_ids'])
|
||||
|
||||
assert_equal(2, result.count)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['member_ids'].class, Array)
|
||||
assert_not(result['members'])
|
||||
assert_equal(result['name'], 'Rest Org')
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['member_ids'].class, Array)
|
||||
assert_not(result['members'])
|
||||
assert_equal(result['name'], 'Rest Org #2')
|
||||
|
||||
# search as agent
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['name'])
|
||||
assert(result[0]['member_ids'])
|
||||
assert_not(result[0]['members'])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&expand=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['name'])
|
||||
assert(result[0]['member_ids'])
|
||||
assert(result[0]['members'])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['label'])
|
||||
assert_equal('Zammad Foundation', result[0]['value'])
|
||||
assert_not(result[0]['member_ids'])
|
||||
assert_not(result[0]['members'])
|
||||
end
|
||||
|
||||
test 'organization index with customer1' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 0)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'organization index with customer2' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['name'], 'Rest Org')
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
end
|
File diff suppressed because it is too large
Load diff
|
@ -1,773 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class UsersOrganizationControllerTest < ActionDispatch::IntegrationTest
|
||||
include SearchindexHelper
|
||||
|
||||
setup do
|
||||
|
||||
# set accept header
|
||||
@headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: %w[Admin Agent])
|
||||
groups = Group.all
|
||||
|
||||
UserInfo.current_user_id = 1
|
||||
|
||||
@backup_admin = User.create!(
|
||||
login: 'backup-admin',
|
||||
firstname: 'Backup',
|
||||
lastname: 'Agent',
|
||||
email: 'backup-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
@admin = User.create!(
|
||||
login: 'rest-admin',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-admin@example.com',
|
||||
password: 'adminpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create agent
|
||||
roles = Role.where(name: 'Agent')
|
||||
@agent = User.create!(
|
||||
login: 'rest-agent@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Agent',
|
||||
email: 'rest-agent@example.com',
|
||||
password: 'agentpw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
groups: groups,
|
||||
)
|
||||
|
||||
# create customer without org
|
||||
roles = Role.where(name: 'Customer')
|
||||
@customer_without_org = User.create!(
|
||||
login: 'rest-customer1@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer1',
|
||||
email: 'rest-customer1@example.com',
|
||||
password: 'customer1pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
)
|
||||
|
||||
# create orgs
|
||||
@organization = Organization.create!(
|
||||
name: 'Rest Org',
|
||||
note: 'Rest Org A',
|
||||
)
|
||||
@organization2 = Organization.create!(
|
||||
name: 'Rest Org #2',
|
||||
note: 'Rest Org B',
|
||||
)
|
||||
@organization3 = Organization.create!(
|
||||
name: 'Rest Org #3',
|
||||
note: 'Rest Org C',
|
||||
)
|
||||
|
||||
# create customer with org
|
||||
@customer_with_org = User.create!(
|
||||
login: 'rest-customer2@example.com',
|
||||
firstname: 'Rest',
|
||||
lastname: 'Customer2',
|
||||
email: 'rest-customer2@example.com',
|
||||
password: 'customer2pw',
|
||||
active: true,
|
||||
roles: roles,
|
||||
organization_id: @organization.id,
|
||||
)
|
||||
|
||||
configure_elasticsearch do
|
||||
|
||||
travel 1.minute
|
||||
|
||||
rebuild_searchindex
|
||||
|
||||
# execute background jobs
|
||||
Scheduler.worker(true)
|
||||
|
||||
sleep 6
|
||||
end
|
||||
end
|
||||
|
||||
test 'user create tests - no user' do
|
||||
|
||||
post '/api/v1/signshow', params: {}, headers: @headers
|
||||
|
||||
# create user with disabled feature
|
||||
Setting.set('user_create_account', false)
|
||||
token = @response.headers['CSRF-TOKEN']
|
||||
|
||||
# token based on form
|
||||
params = { email: 'some_new_customer@example.com', authenticity_token: token }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Feature not enabled!', result['error'])
|
||||
|
||||
# token based on headers
|
||||
headers = @headers.merge('X-CSRF-Token' => token)
|
||||
params = { email: 'some_new_customer@example.com' }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Feature not enabled!', result['error'])
|
||||
|
||||
Setting.set('user_create_account', true)
|
||||
|
||||
# no signup param with enabled feature
|
||||
params = { email: 'some_new_customer@example.com' }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Only signup with not authenticate user possible!', result['error'])
|
||||
|
||||
# already existing user with enabled feature
|
||||
params = { email: 'rest-customer1@example.com', signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Email address is already used for other user.', result['error'])
|
||||
|
||||
# email missing with enabled feature
|
||||
params = { firstname: 'some firstname', signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Attribute \'email\' required!', result['error'])
|
||||
|
||||
# email missing with enabled feature
|
||||
params = { firstname: 'some firstname', signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result['error'])
|
||||
assert_equal('Attribute \'email\' required!', result['error'])
|
||||
|
||||
# create user with enabled feature (take customer role)
|
||||
params = { firstname: 'Me First', lastname: 'Me Last', email: 'new_here@example.com', signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
|
||||
assert_equal('Me First', result['firstname'])
|
||||
assert_equal('Me Last', result['lastname'])
|
||||
assert_equal('new_here@example.com', result['login'])
|
||||
assert_equal('new_here@example.com', result['email'])
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
|
||||
# create user with admin role (not allowed for signup, take customer role)
|
||||
role = Role.lookup(name: 'Admin')
|
||||
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin@example.com', role_ids: [ role.id ], signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
|
||||
# create user with agent role (not allowed for signup, take customer role)
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent@example.com', role_ids: [ role.id ], signup: true }
|
||||
post '/api/v1/users', params: params.to_json, headers: headers
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
|
||||
# no user (because of no session)
|
||||
get '/api/v1/users', params: {}, headers: headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: headers
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'auth tests - not existing user' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('not_existing@example.com', 'adminpw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'auth tests - username auth, wrong pw' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin', 'not_existing')
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'auth tests - email auth, wrong pw' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'not_existing')
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal('authentication failed', result['error'])
|
||||
end
|
||||
|
||||
test 'auth tests - username auth' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin', 'adminpw')
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
end
|
||||
|
||||
test 'auth tests - email auth' do
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
end
|
||||
|
||||
test 'user index and create with admin' do
|
||||
|
||||
# email auth
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result['email'], 'rest-admin@example.com')
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result.class, Array)
|
||||
assert(result.length >= 3)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/users/#{@agent.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['email'], 'rest-agent@example.com')
|
||||
|
||||
get "/api/v1/users/#{@customer_without_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['email'], 'rest-customer1@example.com')
|
||||
|
||||
# create user with admin role
|
||||
role = Role.lookup(name: 'Admin')
|
||||
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin_by_admin@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert_not(user.role?('Customer'))
|
||||
assert_equal('new_admin_by_admin@example.com', result['login'])
|
||||
assert_equal('new_admin_by_admin@example.com', result['email'])
|
||||
|
||||
# create user with agent role
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_admin1@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert(user.role?('Agent'))
|
||||
assert_not(user.role?('Customer'))
|
||||
assert_equal('new_agent_by_admin1@example.com', result['login'])
|
||||
assert_equal('new_agent_by_admin1@example.com', result['email'])
|
||||
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', email: 'new_agent_by_admin2@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert(user.role?('Agent'))
|
||||
assert_not(user.role?('Customer'))
|
||||
assert_equal('new_agent_by_admin2@example.com', result['login'])
|
||||
assert_equal('new_agent_by_admin2@example.com', result['email'])
|
||||
assert_equal('Agent', result['firstname'])
|
||||
assert_equal('First', result['lastname'])
|
||||
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', email: 'new_agent_by_admin2@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal('Email address is already used for other user.', result['error'])
|
||||
|
||||
# missing required attributes
|
||||
params = { note: 'some note' }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal('Minimum one identifier (login, firstname, lastname, phone or email) for user is required.', result['error'])
|
||||
|
||||
# invalid email
|
||||
params = { firstname: 'newfirstname123', email: 'some_what', note: 'some note' }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(422)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal('Invalid email', result['error'])
|
||||
|
||||
# with valid attributes
|
||||
params = { firstname: 'newfirstname123', note: 'some note' }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
user = User.find(result['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
assert(result['login'].start_with?('auto-'))
|
||||
assert_equal('', result['email'])
|
||||
assert_equal('newfirstname123', result['firstname'])
|
||||
assert_equal('', result['lastname'])
|
||||
end
|
||||
|
||||
test 'user index and create with agent' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-agent@example.com', 'agentpw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result['email'], 'rest-agent@example.com')
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result.class, Array)
|
||||
assert(result.length >= 3)
|
||||
|
||||
get '/api/v1/users?limit=40&page=1&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
users = User.order(:id).limit(2)
|
||||
assert_equal(users[0].id, result[0]['id'])
|
||||
assert_equal(users[1].id, result[1]['id'])
|
||||
assert_equal(2, result.count)
|
||||
|
||||
get '/api/v1/users?limit=40&page=2&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
users = User.order(:id).limit(4)
|
||||
assert_equal(users[2].id, result[0]['id'])
|
||||
assert_equal(users[3].id, result[1]['id'])
|
||||
assert_equal(2, result.count)
|
||||
|
||||
# create user with admin role
|
||||
firstname = "First test#{rand(999_999_999)}"
|
||||
role = Role.lookup(name: 'Admin')
|
||||
params = { firstname: "Admin#{firstname}", lastname: 'Admin Last', email: 'new_admin_by_agent@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result_user1 = JSON.parse(@response.body)
|
||||
assert(result_user1)
|
||||
user = User.find(result_user1['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
assert_equal('new_admin_by_agent@example.com', result_user1['login'])
|
||||
assert_equal('new_admin_by_agent@example.com', result_user1['email'])
|
||||
|
||||
# create user with agent role
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: "Agent#{firstname}", lastname: 'Agent Last', email: 'new_agent_by_agent@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result_user1 = JSON.parse(@response.body)
|
||||
assert(result_user1)
|
||||
user = User.find(result_user1['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
assert_equal('new_agent_by_agent@example.com', result_user1['login'])
|
||||
assert_equal('new_agent_by_agent@example.com', result_user1['email'])
|
||||
|
||||
# create user with customer role
|
||||
role = Role.lookup(name: 'Customer')
|
||||
params = { firstname: "Customer#{firstname}", lastname: 'Customer Last', email: 'new_customer_by_agent@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(201)
|
||||
result_user1 = JSON.parse(@response.body)
|
||||
assert(result_user1)
|
||||
user = User.find(result_user1['id'])
|
||||
assert_not(user.role?('Admin'))
|
||||
assert_not(user.role?('Agent'))
|
||||
assert(user.role?('Customer'))
|
||||
assert_equal('new_customer_by_agent@example.com', result_user1['login'])
|
||||
assert_equal('new_customer_by_agent@example.com', result_user1['email'])
|
||||
|
||||
# search as agent
|
||||
Scheduler.worker(true)
|
||||
sleep 2 # let es time to come ready
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname}", result[0]['firstname'])
|
||||
assert_equal('Customer Last', result[0]['lastname'])
|
||||
assert(result[0]['role_ids'])
|
||||
assert_not(result[0]['roles'])
|
||||
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&expand=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname}", result[0]['firstname'])
|
||||
assert_equal('Customer Last', result[0]['lastname'])
|
||||
assert(result[0]['role_ids'])
|
||||
assert(result[0]['roles'])
|
||||
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['label'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['value'])
|
||||
assert_not(result[0]['role_ids'])
|
||||
assert_not(result[0]['roles'])
|
||||
|
||||
role = Role.find_by(name: 'Agent')
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&role_ids=#{role.id}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(0, result.count)
|
||||
|
||||
role = Role.find_by(name: 'Customer')
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&role_ids=#{role.id}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['label'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['value'])
|
||||
assert_not(result[0]['role_ids'])
|
||||
assert_not(result[0]['roles'])
|
||||
|
||||
permission = Permission.find_by(name: 'ticket.agent')
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&permissions=#{permission.name}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(0, result.count)
|
||||
|
||||
permission = Permission.find_by(name: 'ticket.customer')
|
||||
get "/api/v1/users/search?query=#{CGI.escape("Customer#{firstname}")}&permissions=#{permission.name}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal(result_user1['id'], result[0]['id'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['label'])
|
||||
assert_equal("Customer#{firstname} Customer Last <new_customer_by_agent@example.com>", result[0]['value'])
|
||||
assert_not(result[0]['role_ids'])
|
||||
assert_not(result[0]['roles'])
|
||||
end
|
||||
|
||||
test 'user index and create with customer1' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result['email'], 'rest-customer1@example.com')
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/users/#{@customer_without_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['email'], 'rest-customer1@example.com')
|
||||
|
||||
get "/api/v1/users/#{@customer_with_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'])
|
||||
|
||||
# create user with admin role
|
||||
role = Role.lookup(name: 'Admin')
|
||||
params = { firstname: 'Admin First', lastname: 'Admin Last', email: 'new_admin_by_customer1@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
|
||||
# create user with agent role
|
||||
role = Role.lookup(name: 'Agent')
|
||||
params = { firstname: 'Agent First', lastname: 'Agent Last', email: 'new_agent_by_customer1@example.com', role_ids: [ role.id ] }
|
||||
post '/api/v1/users', params: params.to_json, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/users/search?query=#{CGI.escape('First')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'user index with customer2' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
|
||||
|
||||
# me
|
||||
get '/api/v1/users/me', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert(result)
|
||||
assert_equal(result['email'], 'rest-customer2@example.com')
|
||||
|
||||
# index
|
||||
get '/api/v1/users', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/users/#{@customer_with_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['email'], 'rest-customer2@example.com')
|
||||
|
||||
get "/api/v1/users/#{@customer_without_org.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert(result['error'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/users/search?query=#{CGI.escape('First')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'organization index with agent' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-agent@example.com', 'agentpw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result[0]['member_ids'].class, Array)
|
||||
assert(result.length >= 3)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=1&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
organizations = Organization.order(:id).limit(2)
|
||||
assert_equal(organizations[0].id, result[0]['id'])
|
||||
assert_equal(organizations[0].member_ids, result[0]['member_ids'])
|
||||
assert_equal(organizations[1].id, result[1]['id'])
|
||||
assert_equal(organizations[1].member_ids, result[1]['member_ids'])
|
||||
assert_equal(2, result.count)
|
||||
|
||||
get '/api/v1/organizations?limit=40&page=2&per_page=2', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
organizations = Organization.order(:id).limit(4)
|
||||
assert_equal(organizations[2].id, result[0]['id'])
|
||||
assert_equal(organizations[2].member_ids, result[0]['member_ids'])
|
||||
assert_equal(organizations[3].id, result[1]['id'])
|
||||
assert_equal(organizations[3].member_ids, result[1]['member_ids'])
|
||||
|
||||
assert_equal(2, result.count)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['member_ids'].class, Array)
|
||||
assert_not(result['members'])
|
||||
assert_equal(result['name'], 'Rest Org')
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['member_ids'].class, Array)
|
||||
assert_not(result['members'])
|
||||
assert_equal(result['name'], 'Rest Org #2')
|
||||
|
||||
# search as agent
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['name'])
|
||||
assert(result[0]['member_ids'])
|
||||
assert_not(result[0]['members'])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&expand=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['name'])
|
||||
assert(result[0]['member_ids'])
|
||||
assert(result[0]['members'])
|
||||
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}&label=true", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(Array, result.class)
|
||||
assert_equal('Zammad Foundation', result[0]['label'])
|
||||
assert_equal('Zammad Foundation', result[0]['value'])
|
||||
assert_not(result[0]['member_ids'])
|
||||
assert_not(result[0]['members'])
|
||||
end
|
||||
|
||||
test 'organization index with customer1' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 0)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
test 'organization index with customer2' do
|
||||
|
||||
credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
|
||||
|
||||
# index
|
||||
get '/api/v1/organizations', params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Array)
|
||||
assert_equal(result.length, 1)
|
||||
|
||||
# show/:id
|
||||
get "/api/v1/organizations/#{@organization.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(200)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_equal(result['name'], 'Rest Org')
|
||||
|
||||
get "/api/v1/organizations/#{@organization2.id}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
result = JSON.parse(@response.body)
|
||||
assert_equal(result.class, Hash)
|
||||
assert_nil(result['name'])
|
||||
|
||||
# search
|
||||
Scheduler.worker(true)
|
||||
get "/api/v1/organizations/search?query=#{CGI.escape('Zammad')}", params: {}, headers: @headers.merge('Authorization' => credentials)
|
||||
assert_response(401)
|
||||
end
|
||||
|
||||
end
|
Loading…
Reference in a new issue